Incorrect Default Permissions in Dell Trusted Device Software
CVE-2025-29984

6.7MEDIUM

Key Information:

Vendor: Dell
Status: Dell Trusted Device Client
Vendor: CVE Published:; 15 April 2025

Summary

The Dell Trusted Device software, specifically versions prior to 7.0.3.0, is susceptible to a vulnerability characterized by incorrect default permissions. This flaw allows a low privileged attacker with local access to potentially manipulate the system, leading to an unauthorized elevation of privileges. Users of affected versions should be aware of potential security risks and apply the necessary updates.

Affected Version(s)

Dell Trusted Device Client < 7.0.3.0

References

https://www.dell.com/support/kbdoc/en-us/000299528/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 15, 2025
Vulnerability Reserved
Mar 13, 2025

Credit

Dell Technologies would like to thank falconCorrup for reporting these issues.