CVE-2025-21106

Summary

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system.

Affected Software

VendorProductVersion RangeStatus
DellRecoverPoint for VMs6.0 SP1affected
DellRecoverPoint for VMs6.0 SP1 P1affected
DellRecoverPoint for VMs6.0 SP1 P2affected

Weaknesses

  • CWE-276: CWE-276: Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References