CVE-2025-31361 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability

🗓️ 17 Nov 2025 22:54:06Reported by talosType

Privilege escalation in Dell ControlVault3 and Dell ControlVault3 Plus via WinBioControlUnit calls before patches.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2025-31361	17 Nov 202514:30	–	circl
CNNVD	Dell ControlVault3和Dell ControlVault3 Plus 安全漏洞	17 Nov 202500:00	–	cnnvd
CVE	CVE-2025-31361	17 Nov 202522:54	–	cve
Tenable Nessus	ControlVault3 Driver 5.15.14.19 / 6.2.36.47 Multiple Vulnerabilities (DSA-2025-228)	20 Nov 202500:00	–	nessus
EUVD	EUVD-2025-197899	17 Nov 202522:54	–	euvd
NVD	CVE-2025-31361	17 Nov 202523:15	–	nvd
Positive Technologies	PT-2025-47225	17 Nov 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-31361	19 Nov 202500:10	–	redhatcve
Talos	Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability	17 Nov 202500:00	–	talos
Talos Blog	Dell ControlVault, Lasso, GL.iNet vulnerabilities	26 Nov 202518:36	–	talosblog

[
  {
    "defaultStatus": "unaffected",
    "product": "BCM5820X",
    "vendor": "Broadcom",
    "versions": [
      {
        "status": "affected",
        "version": "NA"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ControlVault3",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "5.15.14.19",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ControlVault3 Plus",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "6.2.36.47",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
dell	www.dell.com/support/kbdoc/en-us/000326061/dsa-2025-228
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2025-2174

17 Nov 2025 22:55Current

CVSS 3.18.7

EPSS0.00017

CWE-908