35 matches found
CVE-2025-36462
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...
CVE-2025-31649
A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call...
CVE-2025-36460
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...
CVE-2025-32089
A buffer overflow vulnerability exists in the CvManagerSBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this...
CVE-2025-31649
A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call...
CVE-2025-32089
A buffer overflow vulnerability exists in the CvManagerSBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this...
CVE-2025-31361
A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIOUSHADDRECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue a...
EUVD-2025-197900
A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call...
CVE-2025-31361 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability
A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIOUSHADDRECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue a...
EUVD-2025-197899
A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIOUSHADDRECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue a...
CVE-2025-31361 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability
A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIOUSHADDRECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue a...
CVE-2025-36462
Mode C: Affected products are Dell ControlVault3 and Dell ControlVault3 Plus. Dell ControlVault3 is vulnerable to multiple out-of-bounds read/write issues in the Broadcom Storage Adapter (WBDI) driver when handling WinBioControlUnit, enabling memory corruption via local attacker access. Specifica...
CVE-2025-36460
Dell ControlVault3 and ControlVault3 Plus use a WBDI Storage Adapter vulnerable to multiple out-of-bounds read/write conditions via WinBioControlUnit calls (ControlCode values 2/3/4) and improper ReceiveBufferSize/SendBufferSize handling. CVE-2025-36460 (and related CVEs 36461–36463, 36462) descr...
EUVD-2025-197894
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...
CVE-2025-36460 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...
CVE-2025-32089 Dell ControlVault3 CvManager_SBI buffer overflow vulnerability
A buffer overflow vulnerability exists in the CvManagerSBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this...
CVE-2025-32089
Dell ControlVault3 and Dell ControlVault3 Plus are affected by CVE-2025-32089 (buffer overflow via CvManager_SBI). Talos notes vulnerable firmware lines include ControlVault3 and the WinBioControlUnit path; root cause is unsafe copying of CV_SECURE_IO_COMMAND_BUF in CvManager_SBI when transportLe...
EUVD-2025-197893
A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability...
Dell ControlVault3和Dell ControlVault3 Plus 安全漏洞
Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions from Dell USA. A security vulnerability exists in Dell ControlVault3 versions prior to 5.15.14.19 and Dell ControlVault3 Plus versions prior to 6.2.36.47, which originates from an out-of-bounds read/write...
PT-2025-47213
Name of the Vulnerable Software and Affected Versions Dell ControlVault3 versions prior to 5.15.14.19 Dell ControlVault3 Plus versions prior to 6.2.36.47 Description A buffer overflow exists in the CvManager SBI functionality. A specially crafted ControlVault API call can lead to arbitrary code...