CVE-2025-24919 – Dell ControlVault3/ControlVault3 Plus Deserialization of Untrusted Input Remote Code Execution Vulnerability

June 13, 2025

CVE ID : CVE-2025-24919

Published : June 13, 2025, 10:15 p.m. | 3 hours, 14 minutes ago

Description : A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to 5.15.10.14 and ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault response to a command can lead to arbitrary code execution. An attacker can compromise a ControlVault firmware and have it craft a malicious response to trigger this vulnerability.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-25215 – Dell ControlVault3/Dell ControlVault3 Plus: Arbitrary Free Vulnerability

Next Article Ransomware or Espionage? Fog Ransomware Attack in Asia Raises Suspicion with Rare Toolset

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-24919 – Dell ControlVault3/ControlVault3 Plus Deserialization of Untrusted Input Remote Code Execution Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Distribution Release: Mauna Linux 24.7

CVE-2025-5439 – “Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 Facebook Like Command Injection Vulnerability”

CVE-2025-49091 – KDE Konsole Remote Code Execution Vulnerability

100,000+ WordPress Sites Exposed to Privilege Escalation Attacks via MCP AI Engine

CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

CVE-2025-53513 – Juju Charm Zip Slip Unauthorized Upload Vulnerability

Laravel in the First Half of 2025

Citrix NetScaler ADC and Gateway Vulnerabilities Allow Attackers to Access Sensitive Data

CVE-2025-24919 – Dell ControlVault3/ControlVault3 Plus Deserialization of Untrusted Input Remote Code Execution Vulnerability

Related Posts