CVE-2025-23374

Summary

Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

Affected Software

VendorProductVersion RangeStatus
DellEnterprise SONiC OSN/A < 4.4.1affected
DellEnterprise SONiC OSN/A < 4.2.3affected

Weaknesses

  • CWE-532: CWE-532: Insertion of Sensitive Information into Log File

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References