Critical Privilege Escalation Vulnerability in Dell Data Lakehouse (CVE-2025-46608)
A critical vulnerability, tracked as CVE-2025-46608, has been identified in Dell Data Lakehouse versions prior to 1.6.0.0. This flaw is due to improper access control, allowing a high-privileged attacker with remote access to escalate privileges within the system. The vulnerability is rated as critical with a CVSS score of 9.1, and exploitation could result in unauthorized access, compromise of system integrity, and exposure of customer data. Dell has advised all customers to upgrade to the latest version immediately to mitigate the risk.
Security advisories emphasize the urgency of patching affected systems, as the vulnerability is remotely exploitable and could be leveraged to gain elevated privileges. No specific affected product versions have been listed beyond the general guidance to update any installations prior to version 1.6.0.0. Organizations using Dell Data Lakehouse should prioritize remediation to prevent potential exploitation and data breaches.
Timeline
Nov 12, 2025
CVE-2025-46608 disclosed for Dell Data Lakehouse
A critical privilege-escalation vulnerability affecting Dell Data Lakehouse was publicly identified as CVE-2025-46608. The available references describe the issue as an elevation-of-privileges flaw but provide no additional technical or remediation details.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Organizations
Sources
Related Stories
Dell PowerProtect Data Domain Flaws Expose Systems to Unauthorized Access and Root RCE
Dell disclosed two high-severity vulnerabilities in **PowerProtect Data Domain** appliances running multiple **DD OS** releases, including a weak-credentials flaw tracked as `CVE-2026-23853` and a missing-authentication issue tracked as `CVE-2026-26944`. The weak-credentials vulnerability affects Feature Release versions **7.7.1.0 through 8.5**, **LTS2025 8.3.1.0 through 8.3.1.20**, and **LTS2024 7.13.1.0 through 7.13.1.50**, and could allow an unauthenticated attacker with local access to gain unauthorized access to the system. The issue is classified as **CWE-1391** and carries a **CVSS v3.1** score vector of `AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`. Dell also reported `CVE-2026-26944`, a **missing authentication for critical function** flaw classified as **CWE-306**, which could allow an unauthenticated remote attacker to execute arbitrary commands with **root privileges** if an authenticated user performs a specific action. That vulnerability is rated with the **CVSS v3.1** vector `AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H`. Both issues were referenced in Dell security guidance, including advisory **`DSA-2026-060`**, and affect backup infrastructure that may be critical to recovery operations, making remediation and version review a priority for defenders.
1 weeks ago
Critical Authentication Bypass Vulnerabilities in Dell Storage Manager
Dell Storage Manager was found to contain multiple critical vulnerabilities, including CVE-2025-43995 (CVSS 9.8), which allows unauthenticated attackers to bypass authentication and access APIs exposed by the `ApiProxy.war` component in the DataCollectorEar.ear package. Exploitation is possible by using a special `SessionKey` and `UserId` associated with special users created for internal service purposes. Another related vulnerability, CVE-2025-43994 (CVSS 8.6), involves missing authentication for critical functions, potentially leading to information disclosure if exploited by a remote attacker. These flaws affect Dell Storage Center systems running Dell Storage Manager version 20.1.21. The vulnerabilities were disclosed by security researchers and confirmed by Dell, with advisories urging immediate patching to prevent unauthorized access and data exposure. No evidence of exploitation in the wild has been reported as of the publication date, but the critical nature of the flaws underscores the need for urgent remediation in affected environments.
1 months ago
Pre-Authentication Command Injection Vulnerability in Dell UnityVSA
Dell UnityVSA, the software-defined storage solution from Dell, has been found to contain a critical pre-authentication command injection vulnerability, tracked as CVE-2025-36604. This flaw allows attackers to execute arbitrary commands on affected systems without requiring authentication, significantly increasing the risk of unauthorized access and system compromise. The vulnerability arises from improper handling of login redirect URIs, where user-supplied input is directly concatenated into a command string executed by the system, specifically through Perl’s backtick operator in the getCASURL function. If an attacker crafts a request without the expected authentication cookie, the system’s login flow can be manipulated to inject shell metacharacters, enabling remote code execution. This could allow threat actors to alter system configurations, access or destroy sensitive data, deploy additional malicious scripts, or take full control of the UnityVSA appliance. The issue affects all UnityVSA versions prior to 5.5.1, with Dell’s advisory (DSA-2025-281) confirming that versions 5.5 and earlier are vulnerable. Dell has rated the vulnerability as 'High' severity (CVSS 7.3), but the National Vulnerability Database (NVD) suggests it could reach a 'Critical' rating (CVSS 9.8) under certain conditions. In addition to CVE-2025-36604, related vulnerabilities such as a cross-site scripting flaw (CVE-2025-36605) and other command injection risks in internal utilities have been identified, affecting both Unity and UnityVSA platforms. Security researchers at WatchTowr, who discovered the flaw, have released a Python-based 'Detection Artefact Generator' to help organizations identify vulnerable instances. Both Dell and WatchTowr strongly urge immediate upgrades to UnityVSA version 5.5.1 or later to mitigate the risk. Organizations are also advised to monitor for suspicious redirect URIs, shell executions, and unusual web access behaviors, even after patching. The vulnerability is particularly concerning due to the critical nature of storage systems, which often host sensitive and mission-critical data. Exploitation of this flaw could lead to significant operational disruption and data loss. The disclosure underscores the importance of timely patching and robust monitoring of storage infrastructure. Dell’s response includes detailed mitigation guidance and emphasizes the urgency of remediation. The security community has highlighted the exploit’s simplicity and the potential for widespread impact if left unaddressed. Organizations using UnityVSA should prioritize this update as part of their vulnerability management processes to prevent exploitation and safeguard their data assets.
1 months ago