Improper Link Resolution Vulnerability in Dell Encryption Software
CVE-2025-46637

7.3HIGH

Key Information:

Vendor: Dell
Status: Dell Encryption
Vendor: CVE Published:; 9 December 2025

What is CVE-2025-46637?

Dell Encryption prior to version 11.12.1 has a vulnerability that allows local malicious users to exploit improper link resolution before file access. This could potentially enable them to escalate privileges on the affected system. Users are strongly urged to update to the latest software version to mitigate this risk and enhance their security posture.

Affected Version(s)

Dell Encryption < 11.12.1

References

https://www.dell.com/support/kbdoc/en-us/000394657/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Apr 26, 2025

Credit

Dell Technologies would like to thank falconCorrup for reporting these issues

JSON