Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-43889 (GCVE-0-2025-43889)
Vulnerability from cvelistv5 – Published: 2025-10-07 18:37 – Updated: 2025-10-07 18:54
VLAI
EPSS
Summary
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00037622… | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release |
Affected:
7.7.1.0 , < 8.5.0.0
(semver)
|
|
| Dell | PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024 |
Affected:
7.13.1.0 , < 7.13.1.40
(semver)
|
|
| Dell | PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023 |
Affected:
7.10.1.0 , < 7.10.1.70
(semver)
|
Date Public
2025-10-01 17:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43889",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-07T18:53:46.838511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-07T18:54:02.781Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release",
"vendor": "Dell",
"versions": [
{
"lessThan": "8.5.0.0",
"status": "affected",
"version": "7.7.1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024",
"vendor": "Dell",
"versions": [
{
"lessThan": "7.13.1.40",
"status": "affected",
"version": "7.13.1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023",
"vendor": "Dell",
"versions": [
{
"lessThan": "7.10.1.70",
"status": "affected",
"version": "7.10.1.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-01T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure."
}
],
"value": "Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-07T18:37:23.322Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000376224/dsa-2025-333-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2025-43889",
"datePublished": "2025-10-07T18:37:23.322Z",
"dateReserved": "2025-04-18T05:05:05.741Z",
"dateUpdated": "2025-10-07T18:54:02.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-43889",
"date": "2026-06-17",
"epss": "0.00345",
"percentile": "0.26129"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-43889\",\"sourceIdentifier\":\"security_alert@emc.com\",\"published\":\"2025-10-07T19:15:36.800\",\"lastModified\":\"2025-10-14T20:11:45.030\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.7.1.0\",\"versionEndExcluding\":\"7.10.1.70\",\"matchCriteriaId\":\"7FCE50EA-F2B8-4455-A489-1947B0CBFEEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.13.1.0\",\"versionEndExcluding\":\"7.13.1.40\",\"matchCriteriaId\":\"C0EA46C5-6776-411A-8FBC-5B32BC216888\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0\",\"versionEndExcluding\":\"8.5.0.0\",\"matchCriteriaId\":\"F5464021-E415-4D49-AE89-8190C9D4D6FA\"}]}]}],\"references\":[{\"url\":\"https://www.dell.com/support/kbdoc/en-us/000376224/dsa-2025-333-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities\",\"source\":\"security_alert@emc.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-43889\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-07T18:53:46.838511Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-07T18:53:56.967Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Dell\", \"product\": \"PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.7.1.0\", \"lessThan\": \"8.5.0.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Dell\", \"product\": \"PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.13.1.0\", \"lessThan\": \"7.13.1.40\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Dell\", \"product\": \"PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.10.1.0\", \"lessThan\": \"7.10.1.70\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2025-10-01T17:00:00.000Z\", \"references\": [{\"url\": \"https://www.dell.com/support/kbdoc/en-us/000376224/dsa-2025-333-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"c550e75a-17ff-4988-97f0-544cde3820fe\", \"shortName\": \"dell\", \"dateUpdated\": \"2025-10-07T18:37:23.322Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-43889\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-07T18:54:02.781Z\", \"dateReserved\": \"2025-04-18T05:05:05.741Z\", \"assignerOrgId\": \"c550e75a-17ff-4988-97f0-544cde3820fe\", \"datePublished\": \"2025-10-07T18:37:23.322Z\", \"assignerShortName\": \"dell\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2025-43889
Vulnerability from fkie_nvd - Published: 2025-10-07 19:15 - Updated: 2026-06-17 09:24
Severity
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dell | data_domain_operating_system | * | |
| dell | data_domain_operating_system | * | |
| dell | data_domain_operating_system | * |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release",
"vendor": "Dell",
"versions": [
{
"lessThan": "8.5.0.0",
"status": "affected",
"version": "7.7.1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024",
"vendor": "Dell",
"versions": [
{
"lessThan": "7.13.1.40",
"status": "affected",
"version": "7.13.1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023",
"vendor": "Dell",
"versions": [
{
"lessThan": "7.10.1.70",
"status": "affected",
"version": "7.10.1.0",
"versionType": "semver"
}
]
}
],
"source": "security_alert@emc.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FCE50EA-F2B8-4455-A489-1947B0CBFEEA",
"versionEndExcluding": "7.10.1.70",
"versionStartIncluding": "7.7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0EA46C5-6776-411A-8FBC-5B32BC216888",
"versionEndExcluding": "7.13.1.40",
"versionStartIncluding": "7.13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5464021-E415-4D49-AE89-8190C9D4D6FA",
"versionEndExcluding": "8.5.0.0",
"versionStartIncluding": "8.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure."
}
],
"id": "CVE-2025-43889",
"lastModified": "2026-06-17T09:24:42.213",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2025-43889",
"options": [
{
"exploitation": "none"
},
{
"automatable": "yes"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-07T18:53:46.838511Z",
"version": "2.0.3"
}
}
]
},
"published": "2025-10-07T19:15:36.800",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000376224/dsa-2025-333-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
}
]
}
GHSA-GH69-F83R-W7WG
Vulnerability from github – Published: 2025-10-07 21:31 – Updated: 2025-10-07 21:31
VLAI
Details
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Severity
5.3 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-43889"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-07T19:15:36Z",
"severity": "MODERATE"
},
"details": "Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.",
"id": "GHSA-gh69-f83r-w7wg",
"modified": "2025-10-07T21:31:05Z",
"published": "2025-10-07T21:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43889"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000376224/dsa-2025-333-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
WID-SEC-W-2025-2185
Vulnerability from csaf_certbund - Published: 2025-10-01 22:00 - Updated: 2025-10-07 22:00Summary
Dell PowerProtect Data Domain mit DD OS: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Dell PowerProtect Data Domain Operating System (DD OS) ist das Betriebssystem für die PowerProtect Data Domain Appliances von Dell.
Dell PowerProtect Data Domain Appliances sind speziell für Backup und Daten-Deduplizierung ausgelegte Systeme.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain OS und Dell PowerProtect Data Domain ausnutzen, um beliebigen Code auszuführen – sogar mit Root-Rechten –, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, erweiterte Rechte zu erlangen, vertrauliche Informationen offenzulegen, Phishing-Angriffe zu starten und andere nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.5.0.0
Dell / PowerProtect Data Domain OS
|
<8.5.0.0 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS <7.13.1.40
Dell / PowerProtect Data Domain OS
|
<7.13.1.40 | ||
|
Dell PowerProtect Data Domain OS <7.10.1.70
Dell / PowerProtect Data Domain OS
|
<7.10.1.70 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain OS <8.3.1.10
Dell / PowerProtect Data Domain OS
|
<8.3.1.10 | ||
|
Dell PowerProtect Data Domain OS <8.4.0.0
Dell / PowerProtect Data Domain OS
|
<8.4.0.0 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell PowerProtect Data Domain Operating System (DD OS) ist das Betriebssystem f\u00fcr die PowerProtect Data Domain Appliances von Dell.\r\nDell PowerProtect Data Domain Appliances sind speziell f\u00fcr Backup und Daten-Deduplizierung ausgelegte Systeme.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain OS und Dell PowerProtect Data Domain ausnutzen, um beliebigen Code auszuf\u00fchren \u2013 sogar mit Root-Rechten \u2013, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, erweiterte Rechte zu erlangen, vertrauliche Informationen offenzulegen, Phishing-Angriffe zu starten und andere nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2185 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2185.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2185 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2185"
},
{
"category": "external",
"summary": "Dell Security Advisory vom 2025-10-01",
"url": "https://www.dell.com/support/kbdoc/en-us/000376224/dsa-2025-333-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Dell PowerProtect Data Domain mit DD OS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-07T22:00:00.000+00:00",
"generator": {
"date": "2025-10-08T07:58:45.757+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2185",
"initial_release_date": "2025-10-01T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-07T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-32729, EUVD-2025-32911, EUVD-2025-32716, EUVD-2025-32897, EUVD-2025-32896, EUVD-2025-32726, EUVD-2025-32899, EUVD-2025-32900, EUVD-2025-32902, EUVD-2025-32905, EUVD-2025-32907, EUVD-2025-32909, EUVD-2025-32732"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain",
"product": {
"name": "Dell PowerProtect Data Domain",
"product_id": "T047351",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.5.0.0",
"product": {
"name": "Dell PowerProtect Data Domain OS \u003c8.5.0.0",
"product_id": "T047337"
}
},
{
"category": "product_version",
"name": "8.5.0.0",
"product": {
"name": "Dell PowerProtect Data Domain OS 8.5.0.0",
"product_id": "T047337-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:8.5.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain OS \u003c8.4.0.0",
"product_id": "T047338"
}
},
{
"category": "product_version",
"name": "8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain OS 8.4.0.0",
"product_id": "T047338-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:8.4.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain OS \u003c8.3.1.10",
"product_id": "T047339"
}
},
{
"category": "product_version",
"name": "8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain OS 8.3.1.10",
"product_id": "T047339-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:8.3.1.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain OS \u003c7.13.1.40",
"product_id": "T047340"
}
},
{
"category": "product_version",
"name": "7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain OS 7.13.1.40",
"product_id": "T047340-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:7.13.1.40"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain OS \u003c7.10.1.70",
"product_id": "T047341"
}
},
{
"category": "product_version",
"name": "7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain OS 7.10.1.70",
"product_id": "T047341-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:7.10.1.70"
}
}
}
],
"category": "product_name",
"name": "PowerProtect Data Domain OS"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-43914",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43914"
},
{
"cve": "CVE-2025-43890",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43890"
},
{
"cve": "CVE-2025-43906",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43906"
},
{
"cve": "CVE-2025-43908",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43908"
},
{
"cve": "CVE-2025-43910",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43910"
},
{
"cve": "CVE-2025-43911",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43911"
},
{
"cve": "CVE-2025-43934",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43934"
},
{
"cve": "CVE-2025-45375",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-45375"
},
{
"cve": "CVE-2025-43889",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43889"
},
{
"cve": "CVE-2025-43891",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43891"
},
{
"cve": "CVE-2025-43909",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43909"
},
{
"cve": "CVE-2025-43912",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43912"
},
{
"cve": "CVE-2025-43913",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43913"
},
{
"cve": "CVE-2025-43905",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43905"
},
{
"cve": "CVE-2025-43907",
"product_status": {
"known_affected": [
"T047339",
"T047337",
"T047338",
"T047351",
"T047340",
"T047341"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-43907"
},
{
"cve": "CVE-2025-27687",
"product_status": {
"known_affected": [
"T047339",
"T047338",
"T047351"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2025-27687"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…