A stack-based buffer overflow vulnerability exists in the securebio_identify functionality of Dell ControlVault3 prior to version 5.15.10.14 and Dell ControlVault3 Plus prior to version 6.2.26.36. This vulnerability allows attackers to execute arbitrary code by issuing a specially crafted API call. Given the potential for significant impact, organizations should prioritize patching immediately.
With a CVSS score of 8.8, this vulnerability is classified as high severity. The risks to organizations include unauthorized access and the ability to execute arbitrary code, which can lead to further exploitation of the affected systems. The nature of the vulnerability necessitates immediate attention from security teams.
Currently, there are no known public exploits or active exploitation associated with this vulnerability. However, the high exploitability score indicates that it is critical for organizations to address this vulnerability promptly to prevent possible future attacks.
Organizations should review their systems for the affected versions of Dell ControlVault3 and implement the necessary patches to mitigate this vulnerability.
Vulnerability Details
The vulnerability allows attackers to exploit the securebio_identify functionality, leading to arbitrary code execution. The affected products are Dell ControlVault3 and Dell ControlVault3 Plus, in the versions listed under Affected Versions. The vulnerability has been classified under CWE-121 (stack-based buffer overflow).
The CVSS score of 8.8 reflects a high severity level, indicating a serious risk to confidentiality, integrity, and availability of the systems. The vulnerability was published on June 13, 2025.
Technical Analysis
The root cause of the vulnerability is a stack-based buffer overflow due to improper handling of input in the securebio_identify functionality. The attack vector is local, and the complexity of the attack is low. Attackers require low privileges to exploit this vulnerability, and no user interaction is necessary.
The vulnerability affects confidentiality, integrity, and availability, all rated as high. Given the nature of the vulnerability, it poses a significant risk to organizations relying on the affected Dell products.
Risk & Impact Analysis
Risk to organizations includes unauthorized access and potential complete control over affected systems. The blast radius for this vulnerability could be considerable, especially if exploited in environments where sensitive data is handled. Given its high CVSS score, organizations should address this vulnerability in their priority patch cycle on any system where it remains unpatched.
Organizations that utilize Dell ControlVault3 should ensure that they are running the latest patched versions. The urgency of addressing this vulnerability is underscored by its high exploitability potential, which could lead to severe breaches if not mitigated.
Exploitation Status
| Signal | Status |
|---|---|
| Known Exploit | No |
| Public PoC | No |
| Actively Exploited | No |
| Ransomware Use | No |
Affected Versions
The affected versions of Dell ControlVault3 include all versions prior to 5.15.10.14 and Dell ControlVault3 Plus versions prior to 6.2.26.36. Organizations should verify their current versions and apply necessary patches to mitigate this vulnerability.
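One way to run that version check across a fleet, as an added example that is not code from Dell or from this advisory's authors. The fixed-version thresholds come from the text above; the CSV column names, host names and inventory rows are constructed assumptions.

```python
import csv
import io

# First fixed firmware versions, taken from the advisory text.
FIXED = {
    "ControlVault3": (5, 15, 10, 14),
    "ControlVault3 Plus": (6, 2, 26, 36),
}

# Constructed sample inventory; the column names are assumptions.
SAMPLE_INVENTORY = """host,product,firmware_version
lt-0001,ControlVault3,5.15.10.14
lt-0002,ControlVault3,5.9.3.2
lt-0003,ControlVault3 Plus,6.2.26.35
lt-0004,ControlVault3 Plus,6.10.0.1
lt-0005,ControlVault3,unknown
lt-0006,Other-Firmware,4.9.9.9
"""


def parse_version(text):
    """Turn '5.15.10.14' into (5, 15, 10, 14); return None if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(product, version_text):
    """Return 'vulnerable', 'fixed', 'unknown-version' or 'not-listed'."""
    fixed = FIXED.get(product.strip())
    if fixed is None:
        return "not-listed"          # product is not named in the advisory
    version = parse_version(version_text)
    if version is None:
        return "unknown-version"     # needs a manual check, never assume fixed
    # Tuple comparison is numeric per field, so 5.9.x sorts below 5.15.x.
    return "vulnerable" if version < fixed else "fixed"


def triage(inventory_csv):
    """Map each host in the CSV text to its classification."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["product"], r["firmware_version"]) for r in rows}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}\t{status}")
```

Comparing the versions as plain strings would rank 5.9.3.2 above 5.15.10.14 and report that host as fixed, which is why each field is compared as an integer.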
Mitigation & Remediation
Organizations should prioritize patching the affected systems to versions 5.15.10.14 or later for Dell ControlVault3 and 6.2.26.36 or later for Dell ControlVault3 Plus. If patches are not immediately available, organizations should implement configuration hardening and network controls to limit exposure.
For further guidance, organizations can refer to penetration testing services to validate their defenses.
Detection Guidance
Organizations should monitor logs for unauthorized API calls or anomalous behavior on systems running the vulnerable versions of Dell ControlVault3. Log indicators that may suggest exploitation attempts should be prioritized for analysis.
AppSecure Threat Intelligence Insight
This vulnerability represents a significant risk due to its potential for exploitation through local access. Security teams should take this as a reminder of the importance of testing and validating all components in their environment against known vulnerabilities. For further insights, organizations can explore our vulnerability management program and consider implementing a penetration testing methodology as part of their ongoing security assessments.
Additionally, organizations should look into deploying API security testing to ensure their application interfaces are secure against such vulnerabilities.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
