Dell ControlVault3 CvManager buffer overflow vulnerability_CVE-2025-36553

8.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability.

AI Analysis

Buffer overflow vulnerability in Dell ControlVault3 CvManager functionality

Basic Information

ID CVE-2025-36553

Source talos

Published Nov 17, 2025 at 22:26

Modified Nov 17, 2025 at 23:05

Affected Product

Vendor Broadcom

Product BCM5820X

Version NA

Affected Versions Broadcom BCM5820X NA
Dell ControlVault3 0
Dell ControlVault3 Plus 0

CWE Classification

CWE-120

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Dell

Product ControlVault3, ControlVault3 Plus

Version prior to 5.15.14.19, prior to 6.2.36.47

References

{
    "lastseen": "",
    "description": "A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability.",
    "published": "2025-11-17T22:26:32.197Z",
    "modified": "2025-11-17T23:05:47.401Z",
    "type": "cve",
    "title": "Dell ControlVault3 CvManager buffer overflow vulnerability",
    "source": "talos",
    "references": "https://www.dell.com/support/kbdoc/en-us/000326061/dsa-2025-228\nhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2189",
    "id": "CVE-2025-36553",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120"
    ],
    "cvelist": null,
    "sourceData": "Broadcom BCM5820X NA\nDell ControlVault3 0\nDell ControlVault3 Plus 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "BCM5820X",
    "version": "NA",
    "vendor": "Broadcom",
    "ai_description": "Buffer overflow vulnerability in Dell ControlVault3 CvManager functionality",
    "ai_severity": "High",
    "ai_vendor": "Dell",
    "ai_product": "ControlVault3, ControlVault3 Plus",
    "ai_version": "prior to 5.15.14.19, prior to 6.2.36.47",
    "ai_score": 8.8
}