Overview
CVE-2025-36462 is a high-severity vulnerability in Dell ControlVault3 and ControlVault3 Plus. It consists of out-of-bounds read and write conditions in the Broadcom Storage Adapter functionality of the ControlVault WBDI (Windows Biometric Driver Interface) driver. A specially crafted WinBioControlUnit call can trigger memory corruption, which an attacker could use to compromise the affected system.
The vulnerability exists in Dell ControlVault3 versions prior to 5.15.14.19 and Dell ControlVault3 Plus versions prior to 6.2.36.47.
Technical Details
The root cause of CVE-2025-36462 is insufficient bounds checking when the StorageAdapter processes WinBioControlUnit calls. The vulnerable path is reached when the ControlCode is WBIO_USH_CREATE_CHALLENGE (value 3) and the caller supplies a ReceiveBufferSize that is greater than 0 but less than 4.
Under those conditions the code attempts to write up to three null bytes past the end of ReceiveBuffer. This out-of-bounds write can corrupt adjacent memory, leading to unexpected program behavior, denial of service, or, in the worst case, arbitrary code execution.
An attacker triggers the bug by issuing a WinBioControlUnit call to the StorageAdapter with those parameters. Whether an attacker can issue such a call depends on their privileges on the host and on the configuration of the affected system; the attack is local.
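The following C program is an added example that models the bug pattern described above; it is not the ControlVault driver's code, and Talos has not published the driver source. The request structure, the status codes, the handler names and the 4-byte challenge length are assumptions made for illustration. The vulnerable handler rejects only an empty buffer and then pads the response to the expected length, so a ReceiveBufferSize of 1, 2 or 3 writes 3, 2 or 1 null bytes past the caller's buffer; the hardened handler rejects any buffer shorter than the response. A harness places the buffer in front of a canary region so the overflow stays inside the test memory and can be counted.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of the flaw described on this page. This is NOT the
 * ControlVault driver's code: the structure, status codes and the 4-byte
 * challenge length are assumptions made for illustration. */

#define WBIO_USH_CREATE_CHALLENGE 3   /* ControlCode value named in the report */
#define CHALLENGE_LEN 4               /* assumption: a 4-byte challenge is returned */

enum { STATUS_SUCCESS = 0, STATUS_BUFFER_TOO_SMALL = 1, STATUS_INVALID_PARAMETER = 2 };

typedef struct {
    uint32_t ControlCode;
    uint8_t *ReceiveBuffer;
    size_t   ReceiveBufferSize;
} control_unit_req_t;

typedef int (*challenge_handler_t)(control_unit_req_t *, const uint8_t *, size_t);

/* Flawed handler: only rejects an empty buffer, copies what fits, then
 * NUL-pads to CHALLENGE_LEN instead of to ReceiveBufferSize. For sizes 1..3
 * the padding lands CHALLENGE_LEN - ReceiveBufferSize bytes past the buffer. */
int handle_create_challenge_vuln(control_unit_req_t *req,
                                 const uint8_t *challenge, size_t challenge_len)
{
    if (req->ControlCode != WBIO_USH_CREATE_CHALLENGE) return STATUS_INVALID_PARAMETER;
    if (req->ReceiveBufferSize == 0) return STATUS_BUFFER_TOO_SMALL; /* BUG: should be < CHALLENGE_LEN */

    size_t n = challenge_len < req->ReceiveBufferSize ? challenge_len : req->ReceiveBufferSize;
    memcpy(req->ReceiveBuffer, challenge, n);
    for (size_t i = n; i < CHALLENGE_LEN; i++)   /* out-of-bounds when ReceiveBufferSize < CHALLENGE_LEN */
        req->ReceiveBuffer[i] = 0;
    return STATUS_SUCCESS;
}

/* Hardened handler: the buffer must hold the whole fixed-size response, and
 * every write is bounded by what the caller supplied. */
int handle_create_challenge_fixed(control_unit_req_t *req,
                                  const uint8_t *challenge, size_t challenge_len)
{
    if (req->ControlCode != WBIO_USH_CREATE_CHALLENGE) return STATUS_INVALID_PARAMETER;
    if (req->ReceiveBuffer == NULL || req->ReceiveBufferSize < CHALLENGE_LEN)
        return STATUS_BUFFER_TOO_SMALL;
    if (challenge_len > CHALLENGE_LEN) return STATUS_INVALID_PARAMETER;

    memcpy(req->ReceiveBuffer, challenge, challenge_len);
    memset(req->ReceiveBuffer + challenge_len, 0, CHALLENGE_LEN - challenge_len);
    return STATUS_SUCCESS;
}

/* Harness: put a recv_size-byte receive buffer at the start of a canary-filled
 * region and count the canary bytes the handler overwrote. Returns -1 if the
 * handler rejected the call, so a correct handler yields 0 or -1, never more. */
int count_overflow(challenge_handler_t handler, size_t recv_size)
{
    static const uint8_t challenge[CHALLENGE_LEN] = {0x11, 0x22, 0x33, 0x44}; /* constructed input */
    uint8_t region[16];
    if (recv_size > sizeof region) return -1;
    memset(region, 0xAA, sizeof region);

    control_unit_req_t req = { WBIO_USH_CREATE_CHALLENGE, region, recv_size };
    if (handler(&req, challenge, sizeof challenge) != STATUS_SUCCESS) return -1;

    int clobbered = 0;
    for (size_t i = recv_size; i < sizeof region; i++)
        if (region[i] != 0xAA) clobbered++;
    return clobbered;
}

int main(void)
{
    for (size_t sz = 1; sz <= 4; sz++)
        printf("ReceiveBufferSize=%zu: vulnerable handler clobbers %d byte(s), fixed handler %d\n",
               sz, count_overflow(handle_create_challenge_vuln, sz),
               count_overflow(handle_create_challenge_fixed, sz));
    return 0;
}
```

The defensive pattern is the usual one for IOCTL-style handlers with fixed-size responses: validate the output buffer length against the full response size before touching it, and derive every write length from the caller's size rather than from the expected length.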
CVSS Analysis
The CVSS score for CVE-2025-36462 is 7.3 (HIGH).
The score reflects memory corruption inside a driver, with arbitrary code execution as the worst case. The attack vector is local: the attacker must already be able to issue calls to the ControlVault driver on the affected system.
CVSS vector string (example): AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
This vector is illustrative and does not reproduce the 7.3 score: under the CVSS v3.1 formula it evaluates to 7.8. With the same impact metrics, 7.3 corresponds to a vector that requires user interaction (UI:R). Take the authoritative vector from the Talos report or the Dell advisory rather than from the example above.
Possible Impact
Successful exploitation of CVE-2025-36462 can lead to the following consequences:
- Memory Corruption: The out-of-bounds write can corrupt critical data structures, leading to system instability.
- Denial of Service (DoS): The corrupted memory could cause the system or specific services to crash.
- Arbitrary Code Execution: In certain scenarios, an attacker might be able to leverage the memory corruption to execute arbitrary code with the privileges of the affected process. This is the most severe potential outcome.
- Information Disclosure: The vulnerability also includes an out-of-bounds read in the same code path, which can expose the contents of adjacent memory to the caller.
Mitigation
The recommended mitigation is to update Dell ControlVault3 and ControlVault3 Plus to the following versions (or later):
- Dell ControlVault3: Version 5.15.14.19
- Dell ControlVault3 Plus: Version 6.2.36.47
Dell has released updates that address this vulnerability. Apply them as soon as possible and confirm the installed ControlVault3 version afterwards.
References
Talos Intelligence Vulnerability Report: TALOS-2025-2175
Dell Security Advisory: DSA-2025-228
