CVE-2025-36611
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-30
Last updated on: 2025-07-31
Assigner: Dell
Description
Description
Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access ('Link Following') Vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | dell_encryption | * |
| dell | dell_security_management_server | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-59 | The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Dell Encryption and Dell Security Management Server versions prior to 11.11.0. It is an Improper Link Resolution Before File Access ('Link Following') vulnerability that can be exploited by a local malicious user to escalate privileges.
How can this vulnerability impact me? :
If exploited, this vulnerability can lead to privilege escalation, allowing a local malicious user to gain higher-level access than intended, potentially compromising system security and sensitive data.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70