Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-36572

Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in the PowerStore image file. A low privileged attacker with remote access, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to gain unauthorized access based on the hardcoded account's privileges.

Published

2025-05-28T17:15:24.093

Last Modified

2025-06-09T18:58:23.397

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-798

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	powerstoreos	< 4.0.1.3-2494147	Yes
Hardware	dell	powerstore_1000t	-	No
Hardware	dell	powerstore_1200t	-	No
Hardware	dell	powerstore_3000t	-	No
Hardware	dell	powerstore_3200q	-	No
Hardware	dell	powerstore_3200t	-	No
Hardware	dell	powerstore_5000t	-	No
Hardware	dell	powerstore_500t	-	No
Hardware	dell	powerstore_5200t	-	No
Hardware	dell	powerstore_7000t	-	No
Hardware	dell	powerstore_9000t	-	No
Hardware	dell	powerstore_9200t	-	No

References

https://www.dell.com/support/kbdoc/en-us/000325205/dsa-2025-223-dell-powerstore-t-security-update-for-multiple-vulnerabilities Vendor Advisory ([email protected])