Critical Dell Data Lakehouse Vulnerability Allows Remote Privilege Escalation

Dell Technologies has disclosed a critical security vulnerability affecting its Data Lakehouse platform that could allow attackers with high-level privileges to escalate their access and compromise system integrity.

The flaw, tracked as CVE-2025-46608, carries a maximum CVSS severity score of 9.1, indicating an exceptionally high risk to affected environments.

CVE ID	Product	Affected Versions	Remediated Versions	CVSS Base Score
CVE-2025-46608	Dell Data Lakehouse	Versions prior to 1.6.0.0	Version 1.6.0.0 or later	9.1

The vulnerability stems from an Improper Access Control issue in Dell Data Lakehouse versions before 1.6.0.0.

According to Dell’s advisory, a highly privileged attacker with remote network access could exploit this flaw to gain elevated privileges on affected systems.

The attack requires no user interaction and operates over the network, making it a particularly dangerous threat vector.

Dell classifies this vulnerability as Critical because successful exploitation could lead to unauthorized access with elevated privileges, fundamentally compromising system integrity and potentially exposing customer data to theft or manipulation.

The CVSS vector string (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) indicates that while the vulnerability requires high-level privileges to initiate the attack, once exploited, it could impact confidentiality, integrity, and availability across the entire system and its connected resources.

Organizations running Dell Data Lakehouse versions before 1.6.0.0 are immediately at risk.

Dell has issued security advisory DSA-2025-375, outlining the scope of affected deployments and providing mitigation guidance.

The recommended remediation path is straightforward: upgrade to Dell Data Lakehouse version 1.6.0.0 or later as soon as possible.

Given the severity rating and the requirement for high-level privileges to execute the attack, organizations should treat this vulnerability with urgency.

Security teams should immediately inventory their Dell Data Lakehouse deployments to identify all affected instances and assess the business continuity impacts of applying patches.

Additionally, organizations should monitor their systems for suspicious activity involving high-privileged accounts, as this could indicate exploitation attempts.

Consider implementing enhanced monitoring and access controls around administrative accounts until patching is complete.

Dell’s swift disclosure and clear remediation path provide security teams with the information needed to act decisively.

Organizations should treat the upgrade to version 1.6.0.0 as a critical priority to eliminate this significant security risk from their infrastructure.

Find this Story Interesting! Follow us on Google News, LinkedIn and X to Get More Instant Updates

The post Critical Dell Data Lakehouse Vulnerability Allows Remote Privilege Escalation appeared first on Cyber Security News.