Severity
High
Analysis Summary
CVE-2025-46364 CVSS:9.1
Dell CloudLink could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by the CLI Escape vulnerability. By sending a specially crafted request via console, an attacker could exploit this vulnerability to execute arbitrary commands on the system and gain control of the system.
CVE-2025-43990 CVSS:7.3
Dell Command Monitor (DCM) could allow a local authenticated attacker to gain elevated privileges on the system, caused by containing an execution with unnecessary privileges vulnerability. A attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
Impact
- Privilege Escalation
- Gain Access
Indicators of Compromise
CVE
CVE-2025-46364
CVE-2025-43990
Affected Vendors
- Dell
Affected Products
- Dell CloudLin
- Dell Command Monitor (DCM) 3.15.0
Remediation
Upgrade to the latest version of Dell, available from the Dell Website.