Severity by source
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionCVE.org
A stack-based buffer overflow vulnerability exists in the securebio_identify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted malicious cv_object can lead to a arbitrary code execution. An attacker can issue an API call to trigger this vulnerability.
AnalysisAI
Stack-based buffer overflow vulnerability in Dell ControlVault3's securebio_identify functionality that allows local attackers with low privileges to execute arbitrary code with high impact across the system. The vulnerability affects ControlVault3 versions prior to 5.15.10.14 and ControlVault3 Plus versions prior to 6.2.26.36, and can be triggered via a specially crafted API call with a malicious cv_object parameter.
Technical ContextAI
This vulnerability exists in the securebio_identify API function of Dell ControlVault3, a credential and identity management solution. The root cause is a classic stack-based buffer overflow (CWE-121: Stack-based Buffer Overflow), where insufficient input validation on the cv_object parameter allows an attacker to write beyond allocated stack memory boundaries. ControlVault3 is a security application that manages biometric and credential data; the securebio_identify function likely processes biometric identification requests. The affected CPE strings are: cpe:2.3:a:dell:controlvault3:*:*:*:*:*:*:*:* (versions <5.15.10.14) and cpe:2.3:a:dell:controlvault3_plus:*:*:*:*:*:*:*:* (versions <6.2.26.36). Stack-based overflows are particularly dangerous because they can overwrite return addresses and local variables, enabling direct code execution control.
RemediationAI
- action: Immediate Patching; details: Update Dell ControlVault3 to version 5.15.10.14 or later. Update Dell ControlVault3 Plus to version 6.2.26.36 or later. Patches should be deployed through Dell's security advisory channels.
- action: Access Control; details: Implement strict local access controls to ControlVault3-enabled systems. Restrict user account privileges to minimum necessary levels. Disable or restrict API access to the securebio_identify function for untrusted local users.
- action: Input Validation; details: Until patches are applied, implement endpoint detection and response (EDR) solutions configured to detect stack buffer overflow exploitation patterns and suspicious securebio_identify API calls with oversized cv_object parameters.
- action: Monitoring; details: Monitor system logs for abnormal calls to securebio_identify API endpoints, unexpected privilege escalations on ControlVault3 systems, and segmentation fault/crash events in ControlVault3 processes.
- action: Vendor Advisory; details: Consult Dell's official security advisory for CVE-2025-24922 for detailed patch availability, compatibility notes, and rollback procedures. Check dell.com/support for the latest security bulletins.
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default passwor
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute
Dell RecoverPoint for Virtual Machines prior to 6.0.3.1 HF1 contains hardcoded credentials (CVE-2026-22769, CVSS 10.0) t
An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance vers
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not requir
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection
d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote at
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privile
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-18303