Command Execution Vulnerability in Dell RecoverPoint for Virtual Machines
CVE-2025-21105

6.6MEDIUM

Key Information:

Vendor: Dell
Status: Recoverpoint For Vms
Vendor: CVE Published:; 20 February 2025

Summary

Dell RecoverPoint for Virtual Machines version 6.0.X has a vulnerability that allows a low privileged attacker with local access to execute specific binaries. This could enable the attacker to perform administrative actions, such as shutting down the server or modifying configurations, potentially leading to unauthorized access to sensitive data.

Affected Version(s)

RecoverPoint for VMs 6.0 SP1

RecoverPoint for VMs 6.0 SP1 P1

RecoverPoint for VMs 6.0 SP1 P2

References

https://www.dell.com/support/kbdoc/en-us/000287503/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 20, 2025