CVE-2025-45378
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-05

Last updated on: 2025-11-07

Assigner: Dell

Description
Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system. If ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-05
Last Modified
2025-11-07
Generated
2026-06-24
AI Q&A
2025-11-05
EPSS Evaluated
2026-06-23
NVD
CVE-2025-45378
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
dell cloudlink From 8.0 (inc) to 8.1.2 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Dell CloudLink versions 8.0 through 8.1.2, where a privileged user with a known password can bypass the restricted shell and gain full command shell access on the CloudLink server. This allows the user to escalate privileges and gain unauthorized system access. If SSH is enabled using the server's web credentials, an attacker can exploit this vulnerability remotely over the network using the known privileged user credentials.

Impact Analysis

The vulnerability can lead to unauthorized access and full control over the affected CloudLink server. An attacker with known privileged credentials can escalate privileges, execute arbitrary commands, and potentially compromise the confidentiality, integrity, and availability of the system and its data.

Detection Guidance

Detection can focus on identifying if SSH is enabled on the CloudLink server and if privileged user credentials are being used. Commands to check SSH service status and active sessions include: 'systemctl status ssh' or 'service ssh status' to verify SSH is running, and 'who' or 'w' to see logged-in users. Additionally, monitoring for unusual shell access by privileged users may help detect exploitation attempts.

Mitigation Strategies

Immediate mitigation steps include disabling SSH access using web credentials on the CloudLink server, changing privileged user passwords to strong, unique values, and restricting SSH access to trusted hosts only. Applying any available patches or updates from Dell for CloudLink versions 8.0 through 8.1.2 is also recommended.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-45378. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart