CVE-2025-46424

CVSS 6.7 MEDIUMEPSS 0.1%CWE-1240

In short

Dell CloudLink versions before 8.2 use a weak cryptographic method that could allow a privileged attacker to disrupt the service and make it unavailable.

Technical detail

A risky cryptographic primitive implementation in Dell CloudLink <8.2 allows a high-privileged attacker to trigger a Denial of Service condition. The vulnerability requires elevated privileges to exploit and impacts service availability through cryptographic mechanism abuse.

Summary generated and translated by AI from the official description.

Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Dell · CloudLink

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/kbdoc/en-us/000384363/dsa-2025-374-security-update-for-dell-cloudlink-multiple-security-vulnerabilities