CVE-2025-24919

EUVD-2025-18307 | Severity: HIGH | Score: 8.1 (CVSS 3.1)
Published: 2025-06-13 | Source: [email protected]

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Confidentiality: High
- Integrity: High
- Availability: High

Lifecycle Timeline

- Analysis Generated: Mar 14, 2026 - 21:34 (vuln.today)
- EUVD ID Assigned: Mar 14, 2026 - 21:34 (euvd) - EUVD-2025-18307
- CVE Published: Jun 13, 2025 - 22:15 (nvd) - HIGH 8.1

Description

A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to 5.15.10.14 and ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault response to a command can lead to arbitrary code execution. An attacker can compromise a ControlVault firmware and have it craft a malicious response to trigger this vulnerability.

Analysis

High-severity (CVSS 8.1) deserialization vulnerability in Dell ControlVault3 that allows an unauthenticated local attacker to achieve arbitrary code execution by delivering a specially crafted response to the cvhDecapsulateCmd functionality. The vulnerability affects ControlVault3 prior to version 5.15.10.14 and ControlVault3 Plus prior to 6.2.26.36. An attacker who can compromise the ControlVault firmware, or otherwise control the responses it returns, can trigger code execution with system-level privileges; the impact is high despite the high attack complexity, and the attack vector is local, so the attacker needs a foothold on the affected system.

Technical Context

CVE-2025-24919 is an unsafe deserialization of untrusted input in the cvhDecapsulateCmd command handler of Dell's ControlVault3 security appliance. ControlVault3 is a hardware security module (HSM) and key management solution that performs cryptographic operations and credential management. The weakness is classified as CWE-502 (Deserialization of Untrusted Data): serialized objects contained in ControlVault responses are deserialized by the host-side handler without adequate validation. An attacker who has compromised the ControlVault firmware, or who can otherwise interpose on the communication channel between host and ControlVault, can craft a malicious serialized payload that executes arbitrary code during deserialization. Affected products are Dell ControlVault3 (CPE: cpe:2.3:a:dell:controlvault3:*) in versions before 5.15.10.14 and ControlVault3 Plus (CPE: cpe:2.3:a:dell:controlvault3_plus:*) in versions before 6.2.26.36. The vulnerability is particularly serious because ControlVault components typically hold sensitive roles, managing encryption keys and authentication credentials, and because the host implicitly trusts responses coming from the device.

Affected Products

- Dell ControlVault3 (cpe:2.3:a:dell:controlvault3:*): vulnerable versions < 5.15.10.14; fixed in 5.15.10.14 and later
- Dell ControlVault3 Plus (cpe:2.3:a:dell:controlvault3_plus:*): vulnerable versions < 6.2.26.36; fixed in 6.2.26.36 and later

Remediation

Dell has released security updates to address this vulnerability. Immediate remediation steps:

1. Upgrade Dell ControlVault3 installations to version 5.15.10.14 or later.
2. Upgrade Dell ControlVault3 Plus installations to version 6.2.26.36 or later.

Obtain Dell's security advisory and patches through the Dell Support portal and official security advisories. Organizations unable to patch immediately should:

- Implement network segmentation to restrict access to ControlVault appliances from untrusted networks.
- Monitor firmware integrity using Dell's hardware security mechanisms.
- Disable cvhDecapsulateCmd functionality if it is not required for operational needs.
- Implement host-based monitoring to detect unauthorized code execution attempts.

Firmware integrity verification should be performed after updating to confirm that the patch was applied intact.

Priority Score

41 (scale: Low / Medium / High / Critical)

- KEV: 0
- EPSS: +0.4
- CVSS: +40
- POC: 0
