CVE-2025-43722

6.7 MEDIUM

📋 TL;DR

Dell PowerScale OneFS versions before 9.12.0.0 contain a privilege escalation vulnerability: an attacker who already holds high local privileges on the cluster can gain additional system privileges. It affects organizations running vulnerable OneFS releases on PowerScale storage clusters, and exploitation requires local administrative access rather than network reachability.

💻 Affected Systems

Products:
  • Dell PowerScale OneFS
Versions: All versions prior to 9.12.0.0
Operating Systems: OneFS operating system
Default Config Vulnerable: ⚠️ Yes
Notes: Affects PowerScale storage clusters running vulnerable OneFS versions. Requires local access with existing high privileges.

⚠️ Risk & Real-World Impact

🔴 Worst Case

A malicious insider or a compromised administrator account gains full control of the storage system, reads or alters sensitive data on the cluster, disrupts operations, or establishes persistence that survives credential rotation.

🟠 Likely Case

Already-privileged users exploit the vulnerability to bypass the intended role boundaries and perform actions their OneFS role was not meant to allow.

🟢 If Mitigated

With tight administrative access control and monitoring, exploitation is confined to authorized administrative sessions and shows up in audit logs.

🌐 Internet-Facing: LOW - Requires local access to the PowerScale system, which typically isn't directly internet-exposed.
🏢 Internal Only: HIGH - Affects internal storage infrastructure where privileged users could exploit the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access to a cluster node and existing high privileges; no public exploit code is currently known. A local, high-privilege precondition does not make this low-risk: the accounts that meet it are exactly the ones an attacker targets once inside the network.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.12.0.0 or later

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000363686/dsa-2025-319-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities

Restart Required: Yes. Upgrading OneFS reboots cluster nodes; a rolling upgrade reboots one node at a time so the cluster stays online, while a simultaneous upgrade reboots all nodes at once.

Instructions:

1. Review Dell advisory DSA-2025-319.
2. Upgrade PowerScale OneFS to version 9.12.0.0 or later.
3. Follow Dell's documented upgrade procedures for PowerScale clusters (pre-upgrade checks, rolling or simultaneous upgrade, post-upgrade commit).

🔧 Temporary Workarounds

Restrict local administrative access

Applies to: all affected versions

Limit the number of users with local administrative privileges to those who absolutely require them, and review role membership regularly.

🧯 If You Can't Patch

  • Enforce strict administrative access controls and monitor all privileged user activity on the cluster
  • Segment PowerScale systems from general network access and restrict SSH and web-administration interfaces to a management network

🔍 How to Verify

Check if Vulnerable:

Check the OneFS version over SSH with 'isi version', or in the PowerScale web administration interface. Any version lower than 9.12.0.0 is affected.

Check Version:

isi version

Verify Fix Applied:

Confirm that 'isi version' reports 9.12.0.0 or later. Compare version components numerically, not as strings: 9.5.x sorts after 9.12.x lexically but is older.
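As an added example (not from this page and not Dell's code), the check below parses 'isi version' output and compares the version against 9.12.0.0 component by component, which avoids the lexical trap where "9.5.0.8" sorts after "9.12.0.0". The sample output line is constructed, and the assumption that 'isi version' prints a line beginning "Isilon OneFS v<version>" is ours; adjust the sed pattern if your nodes print it differently.

```shell
#!/bin/sh
# Added example for CVE-2025-43722: decide whether a OneFS version is below
# the fixed release. Not Dell's code. The sample `isi version` line is
# constructed for illustration.

FIXED_VERSION="9.12.0.0"

# Extract the dotted version (e.g. 9.5.0.8) from `isi version` output.
# Assumes the output begins with "Isilon OneFS v<version> ...".
onefs_version_from_output() {
    printf '%s\n' "$1" | sed -n 's/.*OneFS v\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Compare two dotted versions numerically, up to four components.
# Missing components count as 0. Prints -1, 0 or 1.
version_cmp() {
    a="$1"; b="$2"; i=1
    while [ "$i" -le 4 ]; do
        x=$(printf '%s' "$a" | cut -d. -f"$i")
        y=$(printf '%s' "$b" | cut -d. -f"$i")
        x=${x:-0}; y=${y:-0}
        if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return; fi
        if [ "$x" -gt "$y" ]; then printf '%s\n' 1; return; fi
        i=$((i + 1))
    done
    printf '%s\n' 0
}

# Succeeds (exit 0) when the given OneFS version is affected.
onefs_vulnerable() {
    [ "$(version_cmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# Constructed sample output; on a real node use: onefs_version_from_output "$(isi version)"
SAMPLE_OUTPUT="Isilon OneFS v9.5.0.8 B_9_5_0_8(RELEASE)"
ver=$(onefs_version_from_output "$SAMPLE_OUTPUT")
if onefs_vulnerable "$ver"; then
    echo "OneFS $ver is affected by CVE-2025-43722; upgrade to $FIXED_VERSION or later"
else
    echo "OneFS $ver is not affected by CVE-2025-43722"
fi
```

Run it on each node, or feed it the output of 'isi version' collected from every node, since nodes can be at different versions part-way through a rolling upgrade.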

📡 Detection & Monitoring

Log Indicators:

  • Privilege-escalation or role-change events in the OneFS audit logs that do not match a change ticket
  • Administrative actions from privileged accounts outside their normal hours, source hosts, or scope

Network Indicators:

  • Unusual administrative access patterns to PowerScale management interfaces

SIEM Query:

source="powerscale" AND (event_type="privilege_escalation" OR (user="admin" AND action="elevate"))

The inner parentheses are required: without them AND binds tighter than OR in most query languages and the query silently narrows to "admin elevations only". Field names here are placeholders; map them to the fields your collector produces when it ingests OneFS audit events.

🔗 References

  • Dell DSA-2025-319, Security Update for Dell PowerScale OneFS Multiple Vulnerabilities: https://www.dell.com/support/kbdoc/en-us/000363686/dsa-2025-319-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities