Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-38747

Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File With Insecure Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to Elevation of Privileges.

Published

2025-08-06T20:15:28.197

Last Modified

2025-08-18T15:36:36.020

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
CWE-378

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	dell	supportassist_os_recovery	< 5.5.14.0	Yes

References

https://www.dell.com/support/kbdoc/en-us/000353093/dsa-2025-315 Vendor Advisory ([email protected])