Insufficiently Protected Credentials in Dell Digital Delivery
CVE-2025-38739

7.2HIGH

Key Information:

Vendor: Dell
Status: Dell Digital Delivery
Vendor: CVE Published:; 4 August 2025

What is CVE-2025-38739?

Dell Digital Delivery, in its versions prior to 5.6.1.0, has a vulnerability that exposes insufficiently protected credentials. This weakness allows a remote unauthenticated attacker to exploit the system, potentially leading to the unauthorized disclosure of sensitive information. It is essential for users of Dane Digital Delivery to update their systems to the latest version to mitigate this risk.

Affected Version(s)

Dell Digital Delivery < 5.6.1.0

References

https://www.dell.com/support/kbdoc/en-us/000349489/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 4, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

Dell Technologies would like to thank l0cpd for reporting this issue.