What is the CVSS score of CVE-2025-46684?

CVE-2025-46684 has a CVSS 3.1 base score of 6.6 (Medium). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Supportassist Os Recovery are affected by CVE-2025-46684?

CVE-2025-46684 presents notable security risk rated CVSS 6.6. Exploitation could compromise the security of affected deployments.

How to fix or mitigate CVE-2025-46684?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Supportassist Os Recovery CVE-2025-46684

MEDIUM

Creation of Temporary File With Insecure Permissions (CWE-378)

2026-01-13 security_alert@emc.com

Information Disclosure Dell Supportassist Os Recovery

6.6

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

CVE Published

Jan 13, 2026 - 17:15 nvd

MEDIUM 6.6

DescriptionNVD

Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering.

AnalysisAI

Technical ContextAI

Affects Supportassist Os Recovery. Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering.