Cyber Resilience

CVE-2025-22395

High

Published: 07 January 2025

Published
07 January 2025
Modified
04 February 2025
KEV Added
Patch
CVSS Score v3.1 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS Score 0.0013 31.8th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-22395 is a high-severity Improper Handling of Insufficient Permissions or Privileges (CWE-280) vulnerability in Dell Update Package Framework. Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 31.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-22395 is a local privilege escalation vulnerability affecting the Dell Update Package (DUP) Framework in versions prior to 22.01.02. The flaw, associated with CWE-280 (improper handling of insufficient privileges), allows escalation from low-privileged access and was published on January 7, 2025, with a CVSS v3.1 base score of 8.2 (AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H).

A local attacker with low privileges can exploit this vulnerability by tricking a user into interacting with a malicious input, potentially leading to the execution of arbitrary remote scripts on the server. Successful exploitation enables high-impact confidentiality, integrity, and availability violations, including denial of service.

Dell's security advisory (DSA-2025-034) at https://www.dell.com/support/kbdoc/en-us/000269079/dsa-2025-034-security-update-for-dell-update-package-dup-framework-vulnerability recommends updating the DUP Framework to version 22.01.02 or later to mitigate the issue.

EU & UK References

Vulnerability details

Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary remote scripts on the server. Exploitation may lead to a…

more

denial of service by an attacker.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local privilege escalation via exploitation of insufficient privilege handling directly maps to T1068; user interaction and script execution are secondary effects of the core flaw.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-23857Same product: Dell Update Package Framework
CVE-2025-21105Same vendor: Dell
CVE-2025-27688Same vendor: Dell
CVE-2026-27102Same vendor: Dell
CVE-2024-48013Same vendor: Dell
CVE-2026-35155Same vendor: Dell
CVE-2026-23862Same vendor: Dell
CVE-2024-53295Same vendor: Dell
CVE-2026-24510Same vendor: Dell
CVE-2026-25906Same vendor: Dell

Affected Assets

dell
update package framework
≤ 22.01.02

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely flaw remediation by patching the Dell Update Package Framework to version 22.01.02 or later, directly eliminating the privilege escalation vulnerability.

prevent

Enforces least privilege to prevent low-privileged local attackers from escalating privileges due to improper handling of insufficient privileges in the DUP Framework.

prevent

Mandates enforcement of access control policies to limit unauthorized privilege escalation and arbitrary code execution resulting from the vulnerability.

References