CVE-2025-30479
Published: 05 November 2025
Description
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Security Summary
CVE-2025-30479 is a command injection vulnerability (CWE-78) affecting Dell CloudLink in versions prior to 8.2. It allows a privileged user with a known password to execute arbitrary commands, potentially leading to full system compromise. The vulnerability has a CVSS v3.1 base score of 8.4 (AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H), indicating high severity due to its potential for complete confidentiality, integrity, and availability impacts with changed scope.
An attacker requires high privileges (PR:H) and must be on an adjacent network (AV:A) with low attack complexity and no user interaction needed. If the attacker's password is known, they can exploit the vulnerability to inject and run commands, achieving high-level control over the affected system, including unauthorized access to sensitive data, modification of system files, and disruption of services.
Dell's security advisory DSA-2025-374, detailed at https://www.dell.com/support/kbdoc/en-us/000384363/dsa-2025-374-security-update-for-dell-cloudlink-multiple-security-vulnerabilities, addresses this and other vulnerabilities in Dell CloudLink with a security update to version 8.2 or later, recommending immediate patching for affected systems.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Command injection vulnerability directly enables arbitrary command execution (T1059) via exploitation of a remote service (T1210) by a privileged adjacent-network user.