HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2025-29986

CVSS 8.3v3.1pub. 2025-04-08upd. 2025-07-15

Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Common Anti-Virus Agent (CAVA). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
  • Dell Common Event Enabler

    APP
    Dell
    9.0.0.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-28964HIGH7.8ten sam produkt

Dell Common Event Enabler, version 8.9.10.0 and prior, contain an insecure deserialization vulnerability in CA...

CVE-2023-32477HIGH7.8ten sam produkt

Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A ...

CVE-2025-29985MEDIUM6.5ten sam produkt

Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Initialization of a Resource with an Insecure...

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)

CVE-2026-41120CRITICAL9.8PL ✓ten sam vendor

RCE w Dell Wyse Management Suite — akceptacja niezaufanych danych