CVE-2025-46637
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-10
Assigner: Dell
Description
Description
Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | encryption | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-59 | The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Dell Encryption versions prior to 11.12.1 is an Improper Link Resolution Before File Access ('Link Following') issue. It allows a local malicious user to exploit the software by manipulating symbolic links before file access, potentially leading to an elevation of privileges.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow a local attacker to gain elevated privileges on the affected system, potentially leading to unauthorized access or control over sensitive data and system functions.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70