CVE-2025-21102
Published: 08 January 2025
Summary
CVE-2025-21102 is a high-severity Plaintext Storage of a Password (CWE-256) vulnerability in Dell Vxrail D560 Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Unsecured Credentials (T1552); ranked at the 14.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-28 (Protection of Information at Rest).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SC-28 requires cryptographic or other protections for sensitive information at rest, directly mitigating plaintext storage of passwords and preventing information exposure.
IA-5 mandates secure management and storage of authenticators including passwords, commensurate with their sensitivity, preventing unauthorized access to plaintext credentials.
SI-2 requires timely identification, reporting, and correction of flaws like CVE-2025-21102 through patching, eliminating the plaintext storage vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct mapping to insecure plaintext credential storage accessible locally by high-privileged users, enabling credential discovery.
NVD Description
Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
Deeper analysisAI
CVE-2025-21102 is a Plaintext Storage of a Password vulnerability affecting Dell VxRail in versions 7.0.000 through 7.0.532. Published on 2025-01-08, this issue corresponds to CWE-256 (Plaintext Storage of a Password) and CWE-522 (Insufficiently Protected Credentials), with a CVSS v3.1 base score of 7.5 (AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
A high-privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure. The attack requires local access, high attack complexity, and high privileges, with no user interaction needed; successful exploitation changes scope and results in high impacts to confidentiality, integrity, and availability.
Dell has issued security advisory DSA-2025-027, detailed in KB article 000269793, providing a security update for this and multiple other vulnerabilities in VxRail. Practitioners should review the advisory at https://www.dell.com/support/kbdoc/en-us/000269793/dsa-2025-027-security-update-for-dell-vxrail-for-multiple-vulnerabilities?ref=emcadvisory_000269793_High_null for patching instructions and mitigation guidance.
Details
- CWE(s)