ГлавнаяУязвимости → CVE-2025-22480
7высокая

CVE-2025-22480

Описание

Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges.

Затрагиваемое ПО
Dell Supportassist os recovery
CVSS
Балл7 — высокая
ВекторCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.dell.com/support/kbdoc/en-us/000275712/dsa-2025-051