Dell PowerStore T Vulnerability Exposes Systems to Attack

A critical security vulnerability in Dell PowerStore T series storage systems could allow attackers to bypass authentication mechanisms and gain unauthorized access to sensitive data.

Tracked as CVE-2025-36572, the flaw stems from hard-coded credentials embedded in the PowerStore OS image file, enabling remote exploitation under specific conditions.

Dell has released patches for all affected systems, urging administrators to update to version 4.0.1.3-2494147 immediately to mitigate risks.

The CVE-2025-36572 vulnerability resides in Dell’s proprietary PowerStoreT OS software, specifically within the image file used across multiple PowerStore T models.

Attackers with knowledge of the hard-coded credentials—potentially obtainable through reverse engineering or insider access—could exploit this flaw to log into vulnerable systems remotely without requiring elevated privileges.

The Common Vulnerability Scoring System (CVSS v3.1) assigns a base score of 6.5, classifying the risk as medium severity due to its network-based attack vector (AV:N) and low attack complexity (AC:L).

While the vulnerability does not permit direct system takeover or data manipulation, compromised credentials could expose configuration details, performance metrics, and administrative interfaces.

This creates lateral movement opportunities within enterprise networks, particularly in multi-tenant storage environments.

Notably, the flaw affects PowerStore OS versions prior to 4.0.1.3-2494147, with patches available for all 11 impacted hardware models.

Third-party components like OpenSSL, libxml2, and the Linux kernel also contained vulnerabilities, though Dell’s advisory prioritizes remediation of its proprietary code flaw.

Security vulnerabilities in Dell

Dell’s security bulletin confirms the vulnerability impacts 11 PowerStore T series models designed for enterprise-scale storage workloads. The affected product list includes:

  • PowerStore 500T, 1000T, 1200T.
  • PowerStore 3000T, 3200Q, 3200T.
  • PowerStore 5000T, 5200T, 7000T, 9000T, and 9200T.

Organizations using these systems for sensitive data storage—including healthcare records, financial transactions, or intellectual property—face heightened exposure.

Exploitation could facilitate data exfiltration, service disruptions, or reconnaissance activities preceding advanced attacks.

The advisory emphasizes that attackers require prior access to target networks, making perimeter security and access controls critical mitigating factors.

However, cloud-based deployments and hybrid architectures may face increased risks due to inherent remote accessibility.

Mitigations

Dell’s primary remediation directive involves upgrading all affected PowerStore T systems to OS version 4.0.1.3-2494147, which eliminates the hard-coded credentials.

Administrators can obtain patched firmware through Dell’s support portal, with detailed installation guidelines provided for each model.
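The following Python script is an added example, not code from Dell's advisory or the original article. It triages an appliance inventory against the fixed release and model list given above. It assumes version strings use the `release-build` form shown in the article and order by dotted release first, then build number; the inventory rows, hostnames and non-fixed versions are constructed.

```python
import re

# Fixed release and affected models as stated in the article.
FIXED_VERSION = "4.0.1.3-2494147"
AFFECTED_MODELS = {"500T", "1000T", "1200T", "3000T", "3200Q", "3200T",
                   "5000T", "5200T", "7000T", "9000T", "9200T"}
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)-(\d+)$")


def parse_version(text):
    """Return (release_tuple, build) or None if the string is not release-build."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    return tuple(int(p) for p in m.group(1).split(".")), int(m.group(2))


def is_before_fix(version, fixed=FIXED_VERSION):
    """True if version sorts before fixed, False if not, None if unparseable."""
    v, f = parse_version(version), parse_version(fixed)
    if v is None or f is None:
        return None
    width = max(len(v[0]), len(f[0]))  # pad so 4.0.1 compares as 4.0.1.0
    pad = lambda rel: rel + (0,) * (width - len(rel))
    return (pad(v[0]), v[1]) < (pad(f[0]), f[1])


def triage(inventory):
    """Map each (name, model, version) row to a remediation status."""
    status = {True: "upgrade", False: "patched", None: "check-manually"}
    results = {}
    for name, model, version in inventory:
        tokens = model.split()
        key = tokens[-1].upper() if tokens else ""  # "PowerStore 5200T" -> "5200T"
        if key not in AFFECTED_MODELS:
            results[name] = "not-listed"
        else:
            results[name] = status[is_before_fix(version)]
    return results


# Constructed inventory: hostnames and all versions except the fixed one are made up.
SAMPLE_INVENTORY = [
    ("stor-a", "PowerStore 5200T", "4.0.1.3-2494147"),
    ("stor-b", "PowerStore 1200T", "4.0.1.3-2494000"),
    ("stor-c", "PowerStore 3200Q", "3.6.1.5-2400000"),
    ("stor-d", "PowerStore 9200T", "unknown"),
    ("stor-e", "OtherArray 100", "1.0.0.0-1"),
]

if __name__ == "__main__":
    for host, result in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {result}")
```

Rows that come back as `check-manually` have a version string the parser does not recognise and should be confirmed on the appliance rather than assumed patched.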

For systems awaiting updates, Dell recommends implementing network segmentation, restricting SSH/RDP access to management interfaces, and auditing authentication logs for unexpected login attempts.

The company also advises reviewing third-party component vulnerabilities listed in the advisory, including 78 kernel CVEs and critical flaws in libsoup (CVE-2024-52530/52532/52531) and OpenSSL (CVE-2024-13176).

While these appear less exploitable than CVE-2025-36572, their coexistence with the primary flaw could enable attack chain escalation.

Organizations should prioritize comprehensive vulnerability assessments, particularly for systems handling regulated data under HIPAA, PCI DSS, or GDPR mandates.

Dell’s coordinated disclosure timeline shows the vulnerability was identified internally and patched within standard response cycles, with no active exploits observed as of the May 27, 2025 advisory.

However, the public release of technical details increases the likelihood of weaponization, necessitating urgent action from infrastructure teams.

As storage systems increasingly become attack targets, this incident underscores the importance of firmware lifecycle management and zero-trust architecture principles in modern data centers.


Mayura
Mayura Kathir is a cybersecurity reporter at GBHackers News, covering daily incidents including data breaches, malware attacks, cybercrime, vulnerabilities, zero-day exploits, and more.
