CVE-2025-32747

Summary

Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Affected Software

VendorProductVersion RangeStatus
DellPowerFlex Manager (Appliance)0 < IC 48.378.00affected
DellPowerFlex Manager (Appliance)0 < IC 48.383.00affected
DellPowerFlex Manager (Rack)0 < 3.7.8.0affected
DellPowerFlex Manager (Rack)0 < 3.8.3.0affected
DellPowerFlex Manager0 <= 4.6.2affected

Weaknesses

  • CWE-266: CWE-266: Incorrect Privilege Assignment

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References