CVE-2025-23382 – Dell Secure Connect Gateway (SCG) 5.0 Appliance... (How to Fix)

Q: What is the severity of CVE-2025-23382?

CVE-2025-23382 has a CVSS score of 5.5 (MEDIUM). Dell Secure Connect Gateway (SCG) 5.0 Appliance versions 5.26 expose sensitive system information to unauthorized actors. A high-privileged attacker with remote access can exploit this vulnerability to access confidential data. Organizations using the affected SCG appliance versions are impacted.

📋 TL;DR

Dell Secure Connect Gateway (SCG) 5.0 Appliance versions 5.26 expose sensitive system information to unauthorized actors. A high-privileged attacker with remote access can exploit this vulnerability to access confidential data. Organizations using the affected SCG appliance versions are impacted.

💻 Affected Systems

Products:

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS

Versions: 5.26

Operating Systems: Appliance-specific OS

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects SCG 5.0 Appliance with SRS component; requires high-privileged attacker with remote access.

📦 What is this software?

Secure Connect Gateway by Dell

View all CVEs affecting Secure Connect Gateway →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain access to sensitive system information, potentially including credentials, configuration details, or other confidential data that could facilitate further attacks.

🟠

Likely Case

Information disclosure that could aid attackers in reconnaissance or planning additional attacks against the SCG appliance or connected systems.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing unauthorized access to the SCG appliance.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires high-privileged attacker with remote access; specific exploitation details not publicly disclosed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to version specified in Dell advisory

Vendor Advisory: https://www.dell.com/support/kbdoc/en-uk/000291028/dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities

Restart Required: Yes

Instructions:

1. Review Dell advisory 000291028. 2. Download and apply the security update from Dell Support. 3. Restart the SCG appliance as required. 4. Verify the update was successful.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to SCG appliance to authorized management networks only

Access Control Hardening

all

Implement strict access controls and monitor for unauthorized access attempts

🧯 If You Can't Patch

Implement strict network segmentation to isolate SCG appliance from untrusted networks
Enhance monitoring and logging for unauthorized access attempts to the SCG appliance

🔍 How to Verify

Check if Vulnerable:

Check SCG appliance version via web interface or CLI; if version is 5.26, system is vulnerable.

Check Version:

Check via SCG web interface or appliance-specific CLI commands

Verify Fix Applied:

Verify version has been updated to a patched version per Dell advisory.

📡 Detection & Monitoring

Log Indicators:

Unauthorized access attempts to SCG appliance
Unusual data access patterns

Network Indicators:

Unexpected connections to SCG appliance management interfaces

SIEM Query:

source="scg_appliance" AND (event_type="access" OR event_type="data_export") AND user NOT IN authorized_users

📊 Metadata

CVE ID: CVE-2025-23382

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

CWE: CWE-497

EPSS Score: 0.09% exploit probability (25.9th percentile)

Published: March 19, 2025

Last Updated: May 20, 2025

🔗 References

https://www.dell.com/support/kbdoc/en-uk/000291028/dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-23382, you might also want to check these: