CVE-2025-21106 in RecoverPoint for VMsinfo

Summary

by MITRE • 02/20/2025

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 07/31/2025

The vulnerability identified as CVE-2025-21106 affects Dell Recover Point for Virtual Machines version 6.0.X and represents a weakness in file system permissions that could be exploited by low-privileged local attackers. This issue stems from inadequate access control mechanisms within the software's file system implementation, creating potential pathways for unauthorized access to system resources. The vulnerability classification aligns with CWE-732, which specifically addresses incorrect permissions for critical resources, making it a significant concern for system security integrity.

The technical flaw manifests through insufficient file system permission controls that allow local users with minimal privileges to potentially access or manipulate files and directories that should remain restricted. This weakness enables attackers to gain unauthorized access to non-sensitive resources within the system, potentially leading to information disclosure or system compromise. The vulnerability operates at the operating system level where proper access control lists and permission models fail to adequately protect system resources from local users who may not have legitimate access rights. Attackers could exploit this weakness to read or modify files that contain configuration data or other system-related information, although the impact is limited to non-sensitive resources as specified in the vulnerability description.

From an operational impact perspective, this vulnerability creates a potential vector for privilege escalation attacks where attackers can leverage weak file system permissions to gain deeper access to the system. While the current impact is restricted to non-sensitive resources, the vulnerability could serve as a stepping stone for more sophisticated attacks that might eventually lead to access to sensitive data or system components. The low privilege requirement makes this vulnerability particularly concerning as it can be exploited by users who do not have elevated system access rights, potentially allowing for persistent access to the system. Organizations using Dell Recover Point for Virtual Machines 6.0.X should be aware that this vulnerability could be combined with other exploits to create more significant security breaches.

The security implications of CVE-2025-21106 align with ATT&CK technique T1210, which covers exploitation of remote services through local privilege escalation, though in this case the exploitation occurs locally rather than remotely. Organizations should implement immediate mitigations including updating to the latest version of Dell Recover Point for Virtual Machines where this vulnerability has been addressed. System administrators should conduct thorough permission audits to ensure that file system access controls are properly configured and that unnecessary access rights are removed. The recommended approach involves applying vendor patches, reviewing existing file system permissions, and implementing proper access control policies to prevent unauthorized access to system resources. Additionally, monitoring and logging mechanisms should be enhanced to detect any suspicious access patterns that might indicate exploitation attempts against this vulnerability.

Responsible

Dell

Reservation

11/22/2024

Disclosure

02/20/2025

Moderation

accepted

CPE

ready

EPSS

0.00129

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!