Privilege Escalation Vulnerability in Dell CloudLink Software
CVE-2025-45378

9.1CRITICAL

Key Information:

Vendor: Dell
Status: ClouD-Link
Vendor: CVE Published:; 5 November 2025

What is CVE-2025-45378?

Dell CloudLink versions 8.0 through 8.1.2 are affected by a vulnerability that allows a privileged user to access the command shell of the CloudLink server. If the server has SSH enabled and web credentials are known, an attacker can exploit this vulnerability over the network. This can lead to unauthorized access and the escalation of privileges, allowing the potential for severe security breaches within the system.

Affected Version(s)

CloudLink 8.0 < 8.2

References

https://www.dell.com/support/kbdoc/en-us/000384363/dsa-20...

vendor-advisory

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 5, 2025
Vulnerability Reserved
Apr 22, 2025

JSON