Security Advisory

CVE-2025-31649

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-17 22:55:15
Last updated 2026-02-26 16:56:51
Assigner talos
State PUBLISHED

Description

A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call to trigger this vulnerability.