CVE-2025-21105
CVE-2025-21105
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.6EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
20 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down the server, modifying the configuration leading to gain access to unauthorized data.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
Affected products
Dell · RecoverPoint for VMsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →