CVE-2025-21105
First published: Thu Feb 20 2025(Updated: )
Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down the server, modifying the configuration leading to gain access to unauthorized data.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC RecoverPoint | >=6.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-21105?
CVE-2025-21105 has a low severity rating, indicating the exploit requires local access and low privileges.
How do I fix CVE-2025-21105?
To fix CVE-2025-21105, update Dell RecoverPoint for Virtual Machines to the latest version provided by Dell.
Who is affected by CVE-2025-21105?
CVE-2025-21105 affects users of Dell RecoverPoint for Virtual Machines version 6.0.X.
What type of vulnerability is CVE-2025-21105?
CVE-2025-21105 is a command execution vulnerability allowing local users to perform administrative actions.
Can CVE-2025-21105 lead to system shutdowns?
Yes, CVE-2025-21105 can potentially allow a malicious user to shut down services by exploiting the command execution vulnerability.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/last-modified-date
- agent/source
- agent/author
- agent/event
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/emc recoverpoint