How to fix CVE-2025-21111?

Within 30 days: Identify all affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is Vxrail D560 Firmware affected by CVE-2025-21111?

CVE-2025-21111 presents notable security risk rated CVSS 7.5. Exploitation could compromise the security of affected deployments. Organizations should apply vendor updates when available and consider compensating controls in the interim.

CVE-2025-21111

HIGH

2025-01-08 [email protected]

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:02 vuln.today

CVE Published

Jan 08, 2025 - 18:15 nvd

HIGH 7.5

Tags

Dell Information Disclosure Vxrail D560 Firmware Vxrail D560F Firmware Vxrail E460 Firmware Vxrail E560 Firmware Vxrail E560 Vcf Firmware Vxrail E560F Firmware Vxrail E560F Vcf Firmware Vxrail E560N Firmware Vxrail E560N Vcf Firmware Vxrail E660 Firmware Vxrail E660F Firmware Vxrail E660N Firmware Vxrail E665 Firmware Vxrail E665F Firmware Vxrail E665N Firmware Vxrail G560 Firmware Vxrail G560 Vcf Firmware Vxrail G560F Firmware Vxrail P470 Firmware Vxrail P570 Firmware Vxrail P570 Vcf Firmware Vxrail P570F Firmware Vxrail P570F Vcf Firmware Vxrail P580N Firmware Vxrail P580N Vcf Firmware Vxrail P670F Firmware Vxrail P670N Firmware Vxrail P675F Firmware Vxrail P675N Firmware Vxrail S470 Firmware Vxrail S570 Firmware Vxrail S570 Vcf Firmware Vxrail S670 Firmware Vxrail V470 Firmware Vxrail V570 Firmware Vxrail V570 Vcf Firmware Vxrail V670F Firmware Vxrail Vd 4000R Firmware Vxrail Vd 4000W Firmware Vxrail Vd 4000Z Firmware Vxrail Vd 4510C Firmware Vxrail Vd 4520C Firmware

Description

Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

Analysis

Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. Rated high severity (CVSS 7.5). No vendor patch available.

Technical Context

This vulnerability is classified under CWE-256. Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. Affected products include: Dell Vxrail D560 Firmware, Dell Vxrail D560F Firmware, Dell Vxrail E460 Firmware, Dell Vxrail E560 Firmware, Dell Vxrail E560 Vcf Firmware. Version information: through 8.0.311.

Affected Products

Dell Vxrail D560 Firmware, Dell Vxrail D560F Firmware, Dell Vxrail E460 Firmware, Dell Vxrail E560 Firmware, Dell Vxrail E560 Vcf Firmware.

Remediation

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: 0

CVE-2025-21111 vulnerability details – vuln.today

Back

CVE-2025-21111

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code