Categories: Cyber Security News

Critical Dell Data Lakehouse Vulnerability Let Remote Attacker Escalate Privileges

Dell Technologies has disclosed a critical security vulnerability in its Data Lakehouse platform that could allow remote attackers to escalate privileges and compromise system integrity.

The flaw, tracked as CVE-2025-46608, affects all versions before 1.6.0.0 and has been assigned a CVSS score of 9.1, placing it in the critical severity category.

The security flaw stems from an improper access control vulnerability in Dell Data Lakehouse. A highly privileged attacker with remote access could exploit this weakness to elevate their privileges beyond their authorized level.

Dell Data Lakehouse Vulnerability

The vulnerability is particularly concerning because it requires low attack complexity and no user interaction. Making exploitation relatively straightforward for attackers who have already gained high-level access to the system.

The vulnerability can be exploited over the network, with a broader scope, potentially affecting resources beyond the vulnerable component.

CVE ID	Affected product	CVSS Score	Affected Versions	Patched Version
CVE-2025-46608	Dell Data Lakehouse	9.1 (Critical)	Prior to 1.6.0.0	1.6.0.0 or later

Successful exploitation could result in high impact on the security, integrity, and availability of the system.

Dell Technologies has classified this vulnerability as critical due to its potential to grant unauthorized access with elevated privileges, leading to complete compromise of system integrity and customer data.

Attackers exploiting this flaw could access sensitive information, modify critical data, or interrupt system operations.

Dell has released version 1.6.0.0 of Data Lakehouse to address this vulnerability. The company strongly recommends that all customers upgrade to the latest version immediately to mitigate the risk.

Users running affected versions should contact Dell Technical Support and reference advisory DSA-2025-375 for assistance with the upgrade process.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Critical Dell Data Lakehouse Vulnerability Let Remote Attacker Escalate Privileges appeared first on Cyber Security News.

Critical Dell Data Lakehouse Vulnerability Allows Remote Privilege Escalation

Dell Technologies has disclosed a critical security vulnerability affecting its Data Lakehouse platform that could allow attackers with high-level privileges to escalate their access and compromise system integrity. The flaw, tracked as CVE-2025-46608, carries a maximum CVSS severity score of 9.1, indicating an exceptionally high risk to affected environments. CVE…

November 13, 2025

In "Cyber Security News"

Critical Dell Storage Manager Bugs Enable Remote System Compromise

Dell Technologies has disclosed three critical vulnerabilities in its Storage Manager software that could allow attackers to bypass authentication, disclose sensitive information, and gain unauthorized access to systems. These flaws affect versions up to 20.1.21 and pose significant risks to organizations relying on the tool for managing storage arrays. With…

October 27, 2025

In "Cyber Security News"

Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges

Microsoft has issued an updated warning for a critical security vulnerability in Active Directory Domain Services, tracked as CVE-2025-21293. This flaw could permit an attacker who has already gained initial access to a system to escalate their privileges, potentially gaining complete control over the affected domain controller and undermining the…

September 10, 2025

In "Cyber Security News"

rssfeeds-admin