CVE-2025-43724
CVE-2025-43724
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.4EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
08 Oct 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Affected products
Dell · PowerScale OneFS