Improper Handling of Permissions in Dell Repository Manager
CVE-2025-45376

7.5HIGH

Key Information:

Vendor: Dell
Status: Dell Repository Manager (drm)
Vendor: CVE Published:; 29 September 2025

What is CVE-2025-45376?

Dell Repository Manager versions 3.4.7 and 3.4.8 present a security concern due to improper handling of permissions, allowing low privileged attackers who have local access to exploit this vulnerability. This could result in unauthorized elevation of privileges, compromising the system's integrity. Users are advised to review their systems and apply relevant security updates to mitigate potential risks.

Affected Version(s)

Dell Repository Manager (DRM) 3.4.7 < 3.4.9

References

https://www.dell.com/support/kbdoc/en-us/000375461/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 29, 2025
Vulnerability Reserved
Apr 22, 2025

Credit

Dell would like to thank Ouallaout Noureddine for reporting this issue

JSON