CVE-2025-45378

9.1CRITICAL

Key Information:

Vendor: Dell
Status: ClouD-Link
Vendor: CVE Published:; 5 November 2025

What is CVE-2025-45378?

Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system.

If ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password.

Affected Version(s)

CloudLink 8.0 < 8.2

References

https://www.dell.com/support/kbdoc/en-us/000384363/dsa-20...

vendor-advisory

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 5, 2025
Vulnerability Reserved
Apr 22, 2025

JSON