Cyber Posture

CVE-2025-21111

High

Published: 08 January 2025
Modified: 24 January 2025
KEV Added: not listed in the CISA KEV catalog
Patch: Dell DSA-2025-025
CVSS Score: 7.5 (High), CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS Score: 0.0005 (14.7th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-21111 is a high-severity Plaintext Storage of a Password (CWE-256) vulnerability in Dell VxRail, versions 8.0.000 through 8.0.311; NVD records it against the firmware of individual VxRail node models such as the D560. Its CVSS v3.1 base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Credentials In Files (T1552.001). Its EPSS score of 0.0005 places it at the 14.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-28 (Protection of Information at Rest).

Threat & Defense at a Glance

What attackers do: exploitation maps to Credentials In Files (T1552.001). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) [AI]

IA-5 (Authenticator Management), prevent: requires authenticator content to be protected from unauthorized disclosure and modification, and IA-5(1) specifically requires passwords to be stored using an approved salted key derivation function. That is the storage property CVE-2025-21111 lacks.

SC-28 (Protection of Information at Rest), prevent: requires the confidentiality of information at rest to be protected, with SC-28(1) calling for cryptographic mechanisms. This is the relevant control where a stored credential must remain recoverable (for example a service account password the appliance replays to another system) and therefore cannot simply be hashed.

SI-2 (Flaw Remediation), prevent: requires timely identification, reporting, and correction of flaws; for this CVE that means applying the Dell update that removes the plaintext storage.

Practitioner note: on a vendor appliance the operator cannot change how VxRail stores the credential, so IA-5 and SC-28 describe the property the vendor's fix must deliver, while the actionable control is SI-2. Until the update is applied, the vulnerability requires local access with high privileges, so restricting and auditing privileged local accounts on the VxRail hosts reduces the exposure.
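The CWE-256 storage pattern beside the IA-5(1)-style fix, as an added example. This is not Dell's code and nothing here comes from the advisory; the user name, the sample password, the record field names and the scrypt parameters are constructed for illustration.

```python
"""Added example (not Dell's code, not from DSA-2025-025): the CWE-256
pattern next to an IA-5(1)-style hashed store. User name, password,
field names and KDF parameters are assumptions made for illustration."""
import hashlib
import hmac
import json
import os

# scrypt parameters are an illustrative assumption; tune N for your hardware.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
SALT_BYTES = 16
DKLEN = 32


def store_plaintext(user: str, password: str) -> dict:
    """CWE-256: the authenticator is written exactly as entered.
    Anyone who can read the file (T1552.001) now holds the credential."""
    return {"user": user, "password": password}


def store_hashed(user: str, password: str) -> dict:
    """IA-5(1)-style storage: random per-record salt plus a memory-hard KDF.
    The record verifies a password but cannot be replayed as one."""
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=DKLEN)
    return {"user": user, "kdf": "scrypt", "n": SCRYPT_N, "r": SCRYPT_R,
            "p": SCRYPT_P, "salt": salt.hex(), "hash": digest.hex()}


def verify(record: dict, candidate: str) -> bool:
    """Recompute with the stored parameters and compare in constant time.
    Handles both record shapes so the two stores can be contrasted."""
    if "password" in record:  # plaintext record (the vulnerable shape)
        return hmac.compare_digest(record["password"].encode("utf-8"),
                                   candidate.encode("utf-8"))
    digest = hashlib.scrypt(candidate.encode("utf-8"),
                            salt=bytes.fromhex(record["salt"]),
                            n=record["n"], r=record["r"], p=record["p"],
                            dklen=DKLEN)
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))


def leaks_password(record: dict, password: str) -> bool:
    """What a file reader learns: does the serialized record contain the
    password itself? True for the CWE-256 shape, False for the hashed one."""
    return password in json.dumps(record)


if __name__ == "__main__":
    weak = store_plaintext("svc-vxrail", "Example-Passw0rd!")
    fixed = store_hashed("svc-vxrail", "Example-Passw0rd!")
    print("plaintext record leaks password:", leaks_password(weak, "Example-Passw0rd!"))
    print("hashed record leaks password:   ", leaks_password(fixed, "Example-Passw0rd!"))
    print("hashed record verifies:         ", verify(fixed, "Example-Passw0rd!"))
```

Hashing only fits credentials the system checks rather than uses. A credential the appliance must replay to another service cannot be hashed; that is the SC-28 case, where the stored value is encrypted with a key held outside the configuration file, so that reading the file alone does not yield the password.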

MITRE ATT&CK Enterprise Techniques [AI]

T1552.001 Credentials In Files Credential Access
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Why these techniques?

Plaintext credential storage (CWE-256, CWE-522) means a local attacker with high privileges can read the credential directly from the file system, which is exactly Unsecured Credentials: Credentials In Files.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1
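A sweep of the kind T1552.001 describes, which a defender can run over a configuration export or support bundle to confirm whether it carries plaintext credentials. This is an added example and not code from Dell, MITRE or this page; the regular expressions, the directory layout and every file's contents are constructed, and the hashed and templated entries are included to show what the scan should not report.

```python
"""Added example, not code from the page, Dell or MITRE: a sweep of the
kind T1552.001 describes, run over constructed files. Patterns, paths and
contents are illustrative assumptions, not VxRail's real file layout."""
import os
import re
import tempfile
from typing import List, Tuple

# Key/value lines such as:  db_password = hunter2   "api_key": "abc"   token: xyz
KV_RE = re.compile(
    r'(?i)(?P<key>[\w.-]*(?:passw(?:or)?d|pwd|secret|api[_-]?key|token))'
    r'\s*["\']?\s*[:=]\s*["\']?(?P<value>[^\s"\',]+)')
# URLs that embed user:password@host
URL_RE = re.compile(r'\b[a-z][a-z0-9+.-]*://([^\s/:@]+):([^\s/@]+)@', re.I)
# Values already protected by a KDF (crypt(3), bcrypt, argon2, ...) are not plaintext
HASHED_RE = re.compile(
    r'^(\$(1|2[aby]|5|6|7|argon2(i|d|id)|scrypt|pbkdf2[\w-]*)\$|\{(SSHA|SHA|CRYPT|MD5)\})')
# Values that reference a secret store or template rather than hold the secret
PLACEHOLDER_PREFIXES = ("${", "{{", "<", "%(")

Finding = Tuple[str, int, str]  # (path, line number, key name or "url")


def scan_text(text: str, path: str) -> List[Finding]:
    """Report lines that carry a usable plaintext credential."""
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith(("#", ";", "//")):
            continue  # commented-out lines are noise for this purpose
        m = KV_RE.search(line)
        if m:
            value = m.group("value")
            if not HASHED_RE.match(value) and not value.startswith(PLACEHOLDER_PREFIXES):
                findings.append((path, lineno, m.group("key").lower()))
        if URL_RE.search(line):
            findings.append((path, lineno, "url"))
    return findings


def scan_tree(root: str, max_bytes: int = 1_000_000) -> List[Finding]:
    """Walk a directory tree, skipping binaries and unreadable files."""
    out: List[Finding] = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    raw = fh.read(max_bytes)
            except OSError:
                continue
            if b"\x00" in raw:
                continue
            out.extend(scan_text(raw.decode("utf-8", "replace"), path))
    return out


# Constructed sample tree. Only config.ini and url.txt should be reported:
# users.json holds a crypt(3)-style hash and deploy.yaml a vault reference.
SAMPLE_FILES = {
    "app/config.ini": "[db]\nuser = svc\ndb_password = hunter2\n# password = retired\n",
    "app/url.txt": "backend = https://admin:Pa55w0rd@vcenter.example.internal/sdk\n",
    "app/users.json": '{"user": "svc", "password": "$6$rounds=5000$abc$hashedvalue"}\n',
    "app/deploy.yaml": "password: ${VAULT_DB_PASSWORD}\n",
}


def build_sample_tree(root: str) -> None:
    for rel, content in SAMPLE_FILES.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(content)


def demo() -> List[Finding]:
    """Scan the constructed tree; return sorted findings with root-relative paths."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        rel = [(os.path.relpath(p, root).replace(os.sep, "/"), n, k)
               for p, n, k in scan_tree(root)]
    return sorted(rel)


if __name__ == "__main__":
    for path, lineno, key in demo():
        print(f"{path}:{lineno}: plaintext credential ({key})")
```

The hashed-value and placeholder filters are what keep such a sweep useful: without them every password database and every templated deployment file is a false positive, and the one file that actually holds a replayable secret gets lost in the noise.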

NVD Description

Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

Deeper analysis [AI]

CVE-2025-21111 is a Plaintext Storage of a Password vulnerability affecting Dell VxRail versions 8.0.000 through 8.0.311. The flaw is mapped to CWE-256 (Plaintext Storage of a Password) and CWE-522 (Insufficiently Protected Credentials): a credential is stored unprotected within the affected component. The public description does not identify which component or which credential is involved.

The CVSS v3.1 vector (AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H, base score 7.5) says that exploitation needs local access, high privileges and a high-complexity attack, which is what holds the score down despite the impact ratings. The vector also records a scope change with High confidentiality, integrity and availability impact, meaning the consequences are scored as reaching beyond the component that stores the password. Dell and NVD describe the outcome as information exposure; in practice a recovered credential is what an attacker would use to reach the other systems the scope change alludes to.

Dell has issued DSA-2025-025, a security update addressing multiple vulnerabilities in VxRail, including CVE-2025-21111. Practitioners should refer to the advisory at https://www.dell.com/support/kbdoc/en-us/000269958/dsa-2025-025-security-update-for-dell-vxrail-for-multiple-vulnerabilities for details on patches and mitigation steps.

Details

CWE(s)

CWE-256 Plaintext Storage of a Password
CWE-522 Insufficiently Protected Credentials

Affected Products (NVD CPE configurations)

Vendor   Product                         Affected versions
dell     vxrail d560 firmware            8.0.000 — 8.320
dell     vxrail d560f firmware           8.0.000 — 8.320
dell     vxrail e460 firmware            8.0.000 — 8.320
dell     vxrail e560 firmware            8.0.000 — 8.320
dell     vxrail e560 vcf firmware        8.0.000 — 8.320
dell     vxrail e560f firmware           8.0.000 — 8.320
dell     vxrail e560f vcf firmware       8.0.000 — 8.320
dell     vxrail e560n firmware           8.0.000 — 8.320
dell     vxrail e560n vcf firmware       8.0.000 — 8.320
dell     vxrail e660 firmware            8.0.000 — 8.320
+32 more product configuration(s) — see NVD for full list

Note that the CPE version ranges above end at 8.320, while the NVD description names 8.0.000 through 8.0.311 as affected. Treat the Dell advisory (DSA-2025-025) as authoritative for which VxRail releases contain the fix.

CVEs Like This One

CVE-2025-21102 (same product: Dell VxRail D560)
CVE-2026-21417 (same vendor: Dell)
CVE-2024-48831 (same vendor: Dell)
CVE-2026-23775 (same vendor: Dell)
CVE-2025-36568 (same vendor: Dell)
CVE-2026-35155 (same vendor: Dell)
CVE-2026-28261 (same vendor: Dell)
CVE-2026-21660 (shared CWE-256, CWE-522)
CVE-2026-25907 (same vendor: Dell)
CVE-2025-24386 (same vendor: Dell)
