CVE-2025-43914
📋 TL;DR
Dell PowerProtect Data Domain BoostFS for Linux on Ubuntu systems contains an Incorrect Privilege Assignment vulnerability (CWE-266). A local attacker with low privileges could exploit this to gain unauthorized access to restricted resources. Affected systems include Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 version 8.3.1.0, LTS2024 versions 7.13.1.0 through 7.13.1.30, and LTS2023 versions 7.10.1.0 through 7.10.1.60.
💻 Affected Systems
- Dell PowerProtect Data Domain BoostFS
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Local attacker escalates privileges to root or gains unauthorized access to sensitive data and system controls.
Likely Case
Local user bypasses intended restrictions to access files or directories they shouldn't have permission to view or modify.
If Mitigated
Attack limited to authorized local users only, with minimal impact if proper access controls and monitoring are in place.
🎯 Exploit Status
Exploitation requires local access with low privileges; the flaw does not bypass authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Dell advisory DSA-2025-333 for specific fixed versions
Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000376224/dsa-2025-333-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities
Restart Required: Yes
Instructions:
1. Review Dell advisory DSA-2025-333.
2. Apply the recommended updates from Dell support.
3. Restart affected systems to complete patching.
🔧 Temporary Workarounds
Restrict Local Access
Limit local user accounts and apply strict access controls to reduce the attack surface.
# Review and remove unnecessary local users
sudo userdel <username>
# Implement sudo restrictions
sudo visudo
🧯 If You Can't Patch
- Implement strict least-privilege access controls for all local users.
- Monitor system logs for unauthorized access attempts and privilege escalation activities.
🔍 How to Verify
Check if Vulnerable:
Check installed BoostFS version against affected ranges in Dell advisory.
Check Version:
dpkg -l | grep boostfs
Verify Fix Applied:
Verify version is updated beyond affected ranges and test access controls.
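As an added check that is not part of the original advisory: a POSIX shell script that compares a package version against the affected ranges listed in the TL;DR. It assumes the Ubuntu package is named boostfs (taken from the dpkg grep above) and that version components are purely numeric, as they are in the advisory.

```shell
#!/bin/sh
# Added example: test a BoostFS package version against the CVE-2025-43914 affected ranges.
# Assumption: the Ubuntu package is named "boostfs" (from the advisory's dpkg grep); adjust if needed.

# Strip a Debian epoch ("1:") and revision ("-1") so only the upstream dotted version remains.
normalize() { n="${1#*:}"; printf '%s\n' "${n%%-*}"; }

# Numerically compare two dotted versions; prints -1, 0 or 1 (missing components count as 0).
# Components must be numeric, which holds for every version listed in the advisory.
vercmp() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    x="${a%%.*}"; y="${b%%.*}"
    if [ "$a" = "$x" ]; then a=""; else a="${a#*.}"; fi
    if [ "$b" = "$y" ]; then b=""; else b="${b#*.}"; fi
    x="${x:-0}"; y="${y:-0}"
    [ "$x" -lt "$y" ] && { printf '%s\n' -1; return; }
    [ "$x" -gt "$y" ] && { printf '%s\n' 1; return; }
  done
  printf '%s\n' 0
}

# True when lo <= v <= hi.
in_range() {
  [ "$(vercmp "$1" "$2")" -ge 0 ] && [ "$(vercmp "$1" "$3")" -le 0 ]
}

# Affected ranges exactly as the advisory text lists them (Feature Release, LTS2025, LTS2024, LTS2023).
is_affected() {
  v=$(normalize "$1")
  in_range "$v" 7.7.1.0  8.3.0.15  && return 0
  in_range "$v" 8.3.1.0  8.3.1.0   && return 0
  in_range "$v" 7.13.1.0 7.13.1.30 && return 0
  in_range "$v" 7.10.1.0 7.10.1.60 && return 0
  return 1
}

# Read the installed version from dpkg (package name assumed, see above); fails if not installed.
installed_version() {
  dpkg-query -W -f='${Version}\n' boostfs 2>/dev/null
}

# Report on the locally installed package when dpkg knows about it.
if ver=$(installed_version) && [ -n "$ver" ]; then
  if is_affected "$ver"; then
    echo "boostfs $ver is in an affected range for CVE-2025-43914; apply the DSA-2025-333 updates"
  else
    echo "boostfs $ver is outside the affected ranges listed for CVE-2025-43914"
  fi
fi
```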
📡 Detection & Monitoring
Log Indicators:
- Failed or successful privilege escalation attempts in system logs
- Unauthorized file access by low-privilege users
Network Indicators:
- N/A - local vulnerability
SIEM Query:
source="syslog" AND (event="privilege escalation" OR event="unauthorized access")