CVE-2025-36595

7.2 HIGH

📋 TL;DR

Dell Unisphere for PowerMax vApp version 9.2.4.x contains a static code injection vulnerability that allows high-privileged remote attackers to execute arbitrary code. This affects organizations using Dell's PowerMax storage management software. Attackers with administrative access could compromise the management interface.

💻 Affected Systems

Products:
  • Dell Unisphere for PowerMax Virtual Appliance
Versions: 9.2.4.x
Operating Systems: Virtual Appliance (Linux-based)
Default Config Vulnerable: ⚠️ Yes
Notes: Requires high-privileged attacker access; not exploitable by standard users.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the Unisphere management system leading to data center storage infrastructure takeover, data exfiltration, or ransomware deployment.

🟠 Likely Case

Privileged attacker gains persistent access to management interface, potentially modifying storage configurations or accessing sensitive data.

🟢 If Mitigated

Limited impact due to network segmentation and strict access controls preventing unauthorized administrative access.

🌐 Internet-Facing: HIGH if exposed to internet with administrative credentials compromised.
🏢 Internal Only: MEDIUM due to requiring high-privileged access but still significant for internal threat actors.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires high-privileged credentials and understanding of the application's code injection points.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to version beyond 9.2.4.x as specified in Dell advisory

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000337554/dsa-2025-235-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-and-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilit

Restart Required: Yes

Instructions:

1. Review Dell advisory DSA-2025-235.
2. Download the appropriate patch from the Dell support portal.
3. Apply the patch following Dell's documented procedures.
4. Restart Unisphere services as required.

🔧 Temporary Workarounds

Restrict Administrative Access (applies to: all)

Limit administrative access to the Unisphere interface to only necessary personnel using network segmentation and strict access controls.

Network Segmentation (applies to: all)

Isolate the Unisphere management interface from general network access and internet exposure.

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach the Unisphere interface
  • Enforce multi-factor authentication and strong credential policies for all administrative accounts

🔍 How to Verify

Check if Vulnerable:

Check Unisphere version via web interface or CLI; if version is 9.2.4.x, system is vulnerable.

Check Version:

Check via Unisphere web interface under Help > About, or consult Dell documentation for CLI version check.

Verify Fix Applied:

Verify version has been updated beyond 9.2.4.x and check Dell advisory for specific fixed versions.

📡 Detection & Monitoring

Log Indicators:

  • Unusual administrative login patterns
  • Unexpected configuration changes
  • Suspicious code execution attempts in application logs

Network Indicators:

  • Unusual outbound connections from Unisphere appliance
  • Anomalous administrative access patterns

SIEM Query:

source="unisphere" AND (event_type="code_injection" OR event_type="privileged_action" OR (user="admin" AND action="execute"))
