Login Sign Up

CVE-2025-36582

4.8 MEDIUM

📋 TL;DR

Dell NetWorker versions 19.12.0.1 and earlier contain an algorithm downgrade vulnerability that allows unauthenticated remote attackers to force the use of weaker cryptographic algorithms. This could lead to information disclosure through decryption of intercepted communications. Organizations running vulnerable Dell NetWorker versions are affected.

💻 Affected Systems

Products:
  • Dell NetWorker
Versions: 19.12.0.1 and prior
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected versions are vulnerable. The vulnerability exists in the negotiation mechanism for cryptographic algorithms.

📦 What is this software?

Networker by Dell

View all CVEs affecting Networker →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could decrypt sensitive backup data, configuration information, or authentication credentials transmitted over the network, potentially leading to data breaches or further system compromise.

🟠

Likely Case

Attackers intercept and decrypt network communications to access sensitive information about backup operations, system configurations, or potentially authentication data.

🟢

If Mitigated

With proper network segmentation and encryption controls, impact is limited to potential information disclosure about backup operations without access to actual backup data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires network access to the NetWorker service and the ability to intercept or manipulate network traffic.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 19.12.0.2 or later

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000338757/dsa-2025-268-security-update-for-dell-networker-selection-of-less-secure-algorithm-during-negotiation-vulnerability

Restart Required: Yes

Instructions:

1. Download the latest NetWorker update from Dell Support. 2. Apply the patch following Dell's installation instructions. 3. Restart NetWorker services. 4. Verify the update was successful.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to NetWorker services to trusted networks only

TLS Configuration Hardening

all

Configure NetWorker to use only strong cryptographic algorithms and disable weak protocols

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate NetWorker from untrusted networks
  • Monitor network traffic for unusual patterns or attempted downgrade attacks

🔍 How to Verify

Check if Vulnerable:

Check NetWorker version via administration console or command line: nsr -v

Check Version:

nsr -v

Verify Fix Applied:

Verify version is 19.12.0.2 or later and test secure algorithm negotiation

📡 Detection & Monitoring

Log Indicators:

  • Failed cryptographic negotiations
  • Unexpected algorithm selections
  • Connection attempts from unusual sources

Network Indicators:

  • Protocol downgrade attempts
  • Unusual negotiation patterns
  • Traffic analysis showing weak algorithm usage

SIEM Query:

source="networker" AND (event_type="negotiation_failure" OR algorithm="weak_*" OR protocol_version="old_*")

📊 Metadata

CVE ID: CVE-2025-36582
CVSS v3 Score: 4.8 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CWE: CWE-757
EPSS Score: 0.08% exploit probability (22.5th percentile)
Published: July 1, 2025
Last Updated: August 14, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-36582, you might also want to check these:

CVE-2024-4995 9.8

Wapro ERP Desktop versions before 9.00.0 are vulnerable to MS SQL protocol downgrade attacks, allowi...

Same vulnerability type (CWE-757)