Trusted Device Agent
CVE-2025-29984
MEDIUM
Severity by source
AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Dell Trusted Device, versions prior to 7.0.3.0, contain an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
AnalysisAI
Dell Trusted Device, versions prior to 7.0.3.0, contain an Incorrect Default Permissions vulnerability. Rated medium severity (CVSS 6.7). No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-284. Dell Trusted Device, versions prior to 7.0.3.0, contain an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. Affected products include: Dell Trusted Device Agent. Version information: prior to 7.0.3.0.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Trusted Device Agent
View allDell Trusted Device Agent, versions prior to 5.3.0, contain(s) an improper installation permissions vulnerability. Rated
Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File Access ('Link Following'
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today