CVE 9.1 CRITICAL

CVE-2025-46608_CVE-2025-46608

November 12, 2025 invoker category_cve

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Description

Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it may result in unauthorized access with elevated privileges, compromising system integrity and customer data. Dell recommends customers upgrade to the latest version at the earliest opportunity.

AI Analysis

Elevation of privileges due to Improper Access Control vulnerability in Dell Data Lakehouse

Basic Information

ID CVE-2025-46608

Source dell

Published Nov 12, 2025 at 20:12

Affected Product

Vendor Dell

Product Data Lakehouse

Version N/A

Affected Versions Dell Data Lakehouse N/A

CWE Classification

CWE-284

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor Dell

Product Data Lakehouse

Version Prior to 1.6.0.0

References

www.dell.com /support/kbdoc/en-us/000390529/dsa-2025-375-security-update-for-dell-data-lakehouse-multiple-vulnerabilities

{
    "lastseen": "",
    "description": "Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it may result in unauthorized access with elevated privileges, compromising system integrity and customer data. Dell recommends customers upgrade to the latest version at the earliest opportunity.",
    "published": "2025-11-12T20:12:59.795Z",
    "modified": "2025-11-12T20:12:59.795Z",
    "type": "cve",
    "title": "CVE-2025-46608",
    "source": "dell",
    "references": "https://www.dell.com/support/kbdoc/en-us/000390529/dsa-2025-375-security-update-for-dell-data-lakehouse-multiple-vulnerabilities",
    "id": "CVE-2025-46608",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "Dell Data Lakehouse N/A",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Data Lakehouse",
    "version": "N/A",
    "vendor": "Dell",
    "ai_description": "Elevation of privileges due to Improper Access Control vulnerability in Dell Data Lakehouse",
    "ai_severity": "Critical",
    "ai_vendor": "Dell",
    "ai_product": "Data Lakehouse",
    "ai_version": "Prior to 1.6.0.0",
    "ai_score": 9.1
}

💭 Join the Security Discussion ❌ Cancel Reply