Cleartext Storage Vulnerability in Dell ThinOS Products
CVE-2025-32752

4.9MEDIUM

Key Information:

Vendor: Dell
Status: Thinos
Vendor: CVE Published:; 29 May 2025

What is CVE-2025-32752?

Dell ThinOS versions 2502 and earlier are susceptible to a vulnerability that allows a high-privileged attacker with physical access to the device to potentially exploit this issue. This vulnerability involves the insecure storage of sensitive information in cleartext, which can lead to unauthorized information disclosure. It is crucial for users and administrators to take immediate precautions to mitigate this risk and protect sensitive data.

Affected Version(s)

ThinOS < 2505

References

https://www.dell.com/support/kbdoc/en-us/000325632/dsa-20...

vendor-advisory

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 29, 2025
Vulnerability Reserved
Apr 10, 2025

Credit

Dell Technologies would like to thank Darren McDonald at AmberWolf for reporting this issue.