SecuriTricks - CVE-2025-36462

Description

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 3 (`WBIO_USH_CREATE_CHALLENGE`) with an invalid `ReceiveBuferSize`.

Product(s) Impacted

Vendor	Product	Versions
Dell	Controlvault3 Controlvault3 Plus	<5.15.14.19 <6.2.36.47

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-805

Buffer Access with Incorrect Length Value

The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	dell	controlvault3	<5.15.14.19	/	/	/	/	/	/	/
a	dell	controlvault3_plus	<6.2.36.47	/	/	/	/	/	/	/

References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2175

https://www.dell.com/support/kbdoc/en-us/000326061/dsa-2025-228

CVSS Score

7.3 / 10

CVSS Data - 3.1

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

View Vector String

Timeline

Published: Nov. 17, 2025, 11:15 p.m.
Last Modified: Nov. 18, 2025, 2:06 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

talos-cna@cisco.com

CVE-2025-36462