CVE 9.1 CRITICAL

CVE-2025-45378_CVE-2025-45378

November 5, 2025 invoker category_cve

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Description

Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system.

If ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password.

AI Analysis

Privilege escalation vulnerability in Dell CloudLink due to a restricted shell vulnerability, allowing a privileged user with a known password to gain unauthorized access to the system.

Basic Information

ID CVE-2025-45378

Source dell

Published Nov 5, 2025 at 16:23

Modified Nov 5, 2025 at 20:05

Affected Product

Vendor Dell

Product CloudLink

Version 8.0

Affected Versions Dell CloudLink 8.0

CWE Classification

CWE-78

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor Dell

Product CloudLink

Version 8.0, 8.1, 8.1.1, 8.1.2

References

www.dell.com /support/kbdoc/en-us/000384363/dsa-2025-374-security-update-for-dell-cloudlink-multiple-security-vulnerabilities

{
    "lastseen": "",
    "description": "Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system.\n\nIf ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password.",
    "published": "2025-11-05T16:23:15.673Z",
    "modified": "2025-11-05T20:05:27.089Z",
    "type": "cve",
    "title": "CVE-2025-45378",
    "source": "dell",
    "references": "https://www.dell.com/support/kbdoc/en-us/000384363/dsa-2025-374-security-update-for-dell-cloudlink-multiple-security-vulnerabilities",
    "id": "CVE-2025-45378",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "Dell CloudLink 8.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "CloudLink",
    "version": "8.0",
    "vendor": "Dell",
    "ai_description": "Privilege escalation vulnerability in Dell CloudLink due to a restricted shell vulnerability, allowing a privileged user with a known password to gain unauthorized access to the system.",
    "ai_severity": "Critical",
    "ai_vendor": "Dell",
    "ai_product": "CloudLink",
    "ai_version": "8.0, 8.1, 8.1.1, 8.1.2",
    "ai_score": 9.1
}

💭 Join the Security Discussion ❌ Cancel Reply