CVE-2025-43722

Published: Sep 8, 2025Modified: Feb 20, 2026

6.7

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: security_alert@emc.com (Secondary)

Description

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

Affected (3)

Products: Dell: Powerscale Onefs

Dell

1 product

Powerscale Onefs

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Dell Powerscale Onefs	From 9.8.0.0 to 9.10.1.3
Dell Powerscale Onefs	From 9.11.0.0 to 9.12.0.0
Dell Powerscale Onefs	From 9.5.0.0 to 9.7.1.10

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (1)

https://www.dell.com/support/kbdoc/en-us/000363686/dsa-2025-319-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities

Source: security_alert@emc.com

Vendor Advisory

Timeline

No history available yet.