Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-21105

Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down the server, modifying the configuration leading to gain access to unauthorized data.

Published

2025-02-20T12:15:11.233

Last Modified

2025-07-31T17:31:21.743

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.6 (MEDIUM)

Weaknesses

Type: Primary
CWE-284
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	dell	recoverpoint_for_virtual_machines	6.0	Yes
Application	dell	recoverpoint_for_virtual_machines	6.0	Yes
Application	dell	recoverpoint_for_virtual_machines	6.0	Yes

References

https://www.dell.com/support/kbdoc/en-us/000287503/dsa-2025-101-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-component-vulnerabilities Vendor Advisory ([email protected])