CVE-2025-21111

Q: What is the severity of CVE-2025-21111?

CVE-2025-21111 has a CVSS score of 7.5 (HIGH). Dell VxRail versions 8.0.000 through 8.0.311 store passwords in plaintext, allowing high-privileged attackers with local access to read sensitive credentials. This vulnerability exposes authentication information that could be used for further system compromise. Only organizations running affected VxRail versions are impacted.

7.5 HIGH

📋 TL;DR

Dell VxRail versions 8.0.000 through 8.0.311 store passwords in plaintext, allowing high-privileged attackers with local access to read sensitive credentials. This vulnerability exposes authentication information that could be used for further system compromise. Only organizations running affected VxRail versions are impacted.

💻 Affected Systems

Products:

Dell VxRail

Versions: 8.0.000 through 8.0.311

Operating Systems: VxRail-specific OS

Default Config Vulnerable: ⚠️ Yes

Notes: Requires local access and high privileges to exploit.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker with local administrative access could extract plaintext passwords, potentially gaining access to other systems or escalating privileges across the infrastructure.

🟠

Likely Case

A malicious insider or compromised administrator account could harvest credentials stored in plaintext, leading to lateral movement within the environment.

🟢

If Mitigated

With proper access controls and monitoring, the impact is limited to credential exposure without immediate system takeover.

🌐 Internet-Facing: LOW

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires local access and high privileges, making it more suitable for insider threats or post-compromise scenarios.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to VxRail version 8.0.312 or later

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000269958/dsa-2025-025-security-update-for-dell-vxrail-for-multiple-vulnerabilities

Restart Required: No

Instructions:

1. Review Dell advisory DSA-2025-025. 2. Apply the VxRail update to version 8.0.312 or later. 3. Verify the update was successful.

🔧 Temporary Workarounds

Restrict Local Access

all

Limit local administrative access to VxRail systems to only necessary personnel.

Enhanced Monitoring

all

Implement strict monitoring of local administrative activities on VxRail systems.

🧯 If You Can't Patch

Implement strict access controls to limit local administrative access to VxRail systems.
Monitor for unusual local administrative activity and credential access attempts.

🔍 How to Verify

Check if Vulnerable:

Check VxRail version via the VxRail Manager interface or CLI. If version is between 8.0.000 and 8.0.311, the system is vulnerable.

Check Version:

vxrail version

Verify Fix Applied:

Confirm VxRail version is 8.0.312 or later after applying the update.

📡 Detection & Monitoring

Log Indicators:

Unusual local administrative access to VxRail systems
Access to files containing credential information

Network Indicators:

N/A - local access vulnerability

SIEM Query:

source="vxrail" AND (event_type="local_login" OR file_access="*password*")

📊 Metadata

CVE ID: CVE-2025-21111

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE: CWE-256

EPSS Score: 0.02% exploit probability (5th percentile)

Published: January 8, 2025

Last Updated: January 24, 2025

🔗 References

https://www.dell.com/support/kbdoc/en-us/000269958/dsa-2025-025-security-update-for-dell-vxrail-for-multiple-vulnerabilities Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Vxrail D560 Firmware by Dell

Vxrail D560f Firmware by Dell

Vxrail E460 Firmware by Dell

Vxrail E560 Firmware by Dell

Vxrail E560 Vcf Firmware by Dell

Vxrail E560f Firmware by Dell

Vxrail E560f Vcf Firmware by Dell

Vxrail E560n Firmware by Dell

Vxrail E560n Vcf Firmware by Dell

Vxrail E660 Firmware by Dell

Vxrail E660f Firmware by Dell

Vxrail E660n Firmware by Dell

Vxrail E665 Firmware by Dell

Vxrail E665f Firmware by Dell

Vxrail E665n Firmware by Dell

Vxrail G560 Firmware by Dell

Vxrail G560 Vcf Firmware by Dell

Vxrail G560f Firmware by Dell

Vxrail P470 Firmware by Dell

Vxrail P570 Firmware by Dell

Vxrail P570 Vcf Firmware by Dell

Vxrail P570f Firmware by Dell

Vxrail P570f Vcf Firmware by Dell

Vxrail P580n Firmware by Dell

Vxrail P580n Vcf Firmware by Dell

Vxrail P670f Firmware by Dell

Vxrail P670n Firmware by Dell

Vxrail P675f Firmware by Dell

Vxrail P675n Firmware by Dell

Vxrail S470 Firmware by Dell

Vxrail S570 Firmware by Dell

Vxrail S570 Vcf Firmware by Dell

Vxrail S670 Firmware by Dell

Vxrail V470 Firmware by Dell

Vxrail V570 Firmware by Dell

Vxrail V570 Vcf Firmware by Dell

Vxrail V670f Firmware by Dell

Vxrail Vd 4000r Firmware by Dell

Vxrail Vd 4000w Firmware by Dell

Vxrail Vd 4000z Firmware by Dell

Vxrail Vd 4510c Firmware by Dell

Vxrail Vd 4520c Firmware by Dell