Critical Dell Storage Manager Bugs Enable Remote System Compromise

Dell Technologies has disclosed three critical vulnerabilities in its Storage Manager software that could allow attackers to bypass authentication, disclose sensitive information, and gain unauthorized access to systems.

These flaws affect versions up to 20.1.21 and pose significant risks to organizations relying on the tool for managing storage arrays.

With CVSS scores ranging from 6.5 to 9.8, the vulnerabilities highlight ongoing challenges in securing management interfaces, potentially enabling remote exploitation without user interaction.

Critical Authentication Bypass Discovered

The most severe issue, CVE-2025-43995, carries a CVSS base score of 9.8, classifying it as critical. This improper authentication flaw resides in the DSM Data Collector component.

An unauthenticated attacker with remote access can exploit exposed APIs in the ApiProxy.war file within DataCollectorEar.ear by crafting a special SessionKey and UserId.

These credentials leverage special users created in the Compellent Services API for internal purposes, allowing attackers to sidestep protection mechanisms entirely.

Exploitation could lead to full system compromise, including high confidentiality, integrity, and availability impacts, as detailed in its vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Remote attackers could gain complete control over storage infrastructure without needing any prior authentication or user interaction, making this vulnerability particularly dangerous for exposed systems.

Alongside it is CVE-2025-43994, scored 8.6, which stems from a missing authentication check on a critical function.

Again targeting DSM 20.1.21, this vulnerability enables unauthenticated remote attackers to trigger information disclosure while also disrupting service availability.

The CVSS vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H indicates low complexity and no privileges needed, making it a prime target for opportunistic hackers.

Attackers could extract configuration data or operational details, paving the way for broader network intrusions.

A third vulnerability, CVE-2025-46425, affects version 20.1.20 and introduces an improper restriction of XML external entity references, earning a 6.5 score.

Although exploitation requires low privileges, a remote attacker could use it to read sensitive files, gaining unauthorized access to their contents without directly affecting integrity or availability.

This XXE flaw underscores the dangers of parsing untrusted XML inputs in storage management tools.

Dell Storage Manager Vulnerabilities CVE Summary

| CVE ID | Description | CVSS Base Score | Vector String |
|---|---|---|---|
| CVE-2025-43995 | Improper Authentication (Bypass) | 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVE-2025-43994 | Missing Authentication (Disclosure) | 8.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |
| CVE-2025-46425 | XXE Reference Vulnerability | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |

Dell urges customers to evaluate risks using both base and environmental CVSS scores, emphasizing immediate updates.

Affected products include Dell Storage Manager versions before 2020 R1.21, with remediation available in version 2020 R1.22 or later, downloadable from Dell’s support site for Storage SC2000 drivers.

The advisory was revised on the same day to refine remediation guidance.

Credit goes to Tenable for discovering CVE-2025-43994 and CVE-2025-43995, and to independent researcher Ahmed Y. Elmogy for CVE-2025-46425.

No active exploitation has been reported yet, but the ease of remote access makes swift action essential to prevent potential breaches.


AnuPriya
AnuPriya is a cybersecurity reporter at Cyber Press, specializing in cyber attacks, dark web monitoring, data breaches, vulnerabilities, and malware. She delivers in-depth analysis on emerging threats and digital security trends.
