CVE-2025-24922
Awaiting Analysis
Awaiting Analysis - Queue
BaseFortify
Publication date: 2025-06-13
Last updated on: 2025-11-03
Assigner: Talos
Description
Description
A stack-based buffer overflow vulnerability exists in the
securebio_identify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior toΒ 6.2.26.36. A
specially crafted malicious cv_object can lead to a arbitrary code
execution. An attacker can issue an API call to trigger this
vulnerability.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in the securebio_identify functionality of Dell ControlVault3 and Dell ControlVault3 Plus. It occurs when a specially crafted malicious cv_object is used, allowing an attacker to execute arbitrary code by issuing a specific API call.
How can this vulnerability impact me? :
The vulnerability can lead to arbitrary code execution, which means an attacker could potentially take control of the affected system, leading to data compromise, system instability, or further exploitation.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70