Critical Dell Data Lakehouse Vulnerability Allows Remote Privilege Escalation

Dell Technologies has disclosed a critical security vulnerability affecting its Data Lakehouse platform that could allow attackers with high-level privileges to escalate their access and compromise system integrity.

The flaw, tracked as CVE-2025-46608, carries a CVSS base score of 9.1, which places it in the Critical severity band and indicates an exceptionally high risk to affected environments.

| CVE ID | Product | Affected Versions | Remediated Versions | CVSS Base Score |
|---|---|---|---|---|
| CVE-2025-46608 | Dell Data Lakehouse | Versions prior to 1.6.0.0 | Version 1.6.0.0 or later | 9.1 |

The vulnerability stems from an Improper Access Control issue in Dell Data Lakehouse versions before 1.6.0.0.

According to Dell’s advisory, a highly privileged attacker with remote network access could exploit this flaw to gain elevated privileges on affected systems.

The attack requires no user interaction and operates over the network, making it a particularly dangerous threat vector.

Dell classifies this vulnerability as Critical because successful exploitation could lead to unauthorized access with elevated privileges, fundamentally compromising system integrity and potentially exposing customer data to theft or manipulation.

The CVSS vector string (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) indicates that the attack requires high-level privileges (PR:H) to initiate, but because the scope is changed (S:C), a successful exploit could impact confidentiality, integrity, and availability across the entire system and its connected resources.

Organizations running Dell Data Lakehouse versions before 1.6.0.0 are immediately at risk.

Dell has issued security advisory DSA-2025-375, outlining the scope of affected deployments and providing mitigation guidance.

The recommended remediation path is straightforward: upgrade to Dell Data Lakehouse version 1.6.0.0 or later as soon as possible.

Although the attack requires high-level privileges to execute, the severity rating means organizations should treat this vulnerability with urgency.

Security teams should immediately inventory their Dell Data Lakehouse deployments to identify all affected instances and assess the business continuity impacts of applying patches.

Additionally, organizations should monitor their systems for suspicious activity involving high-privileged accounts, as this could indicate exploitation attempts.

Consider implementing enhanced monitoring and access controls around administrative accounts until patching is complete.

Dell’s swift disclosure and clear remediation path provide security teams with the information needed to act decisively.

Organizations should treat the upgrade to version 1.6.0.0 as a critical priority to eliminate this significant security risk from their infrastructure.

The post Critical Dell Data Lakehouse Vulnerability Allows Remote Privilege Escalation appeared first on Cyber Security News.

rssfeeds-admin
