CVE-2025-24381
Published: 28 March 2025
Summary
CVE-2025-24381 is a high-severity Open Redirect (CWE-601) vulnerability in the Dell Unity Operating Environment, with a CVSS v3.1 base score of 8.8 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Spearphishing Link (T1566.002). It ranks in the top 40.5% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation), that is, applying the Dell-provided update, and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-2 (Flaw Remediation): directly remediates the open redirect by identifying, testing, and deploying the Dell-provided security update (DSA-2025-116) on affected Unity versions.
SI-10 (Information Input Validation): validates untrusted URL values in redirect parameters so that they resolve only to approved hosts, blocking exploitation of the open redirect.
Output filtering: filters outbound HTTP Location headers that carry redirect URLs, stripping or blocking untrusted destinations, which mitigates the phishing and session-theft risks.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
T1566.002 (Spearphishing Link): the open redirect lets an attacker build a phishing link whose visible host is the trusted Unity application domain but which forwards the victim to an attacker-controlled site, where credentials or session material can be captured.
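The two controls above (input-side allowlist validation and output-side Location filtering) and the phishing-link pattern described here, as an added example that is not Dell's code and does not come from the advisory. The host unity.example.internal, the parameter names next, returnUrl and redirect, and the access-log lines are constructed for the example; the advisory does not name the vulnerable parameter or endpoint. The same allowlist check is then run over log lines to flag requests whose redirect parameter leaves the allowed origin, which is what a spearphishing link abusing this class of flaw looks like in web-server logs.

```python
"""Allowlist check for redirect targets, the matching Location-header filter,
and a sweep over access-log lines that applies the same check to redirect
parameters. Added illustration, not Dell code: the parameter names, host
name and log lines below are constructed for the example."""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Hosts the application may legitimately send a browser to (assumed).
ALLOWED_HOSTS = {"unity.example.internal"}
# Query parameters that carry a post-login destination (hypothetical names;
# the advisory does not name the vulnerable parameter).
REDIRECT_PARAMS = ("next", "returnUrl", "redirect")


def naive_is_safe(target: str) -> bool:
    """The weak check that leaves an open redirect in place: a substring
    match on the trusted host. Kept only to show what the hardened version
    rejects."""
    return "unity.example.internal" in target


def is_safe_redirect(target: str) -> bool:
    """Accept only a same-origin relative path or an absolute http(s) URL
    whose host is exactly one of ALLOWED_HOSTS."""
    # Decode once and fold backslashes, which browsers treat as '/'.
    target = unquote(target).replace("\\", "/")
    # Whitespace and control characters can smuggle a second URL or header.
    if any(c.isspace() or ord(c) < 0x20 for c in target):
        return False
    parts = urlsplit(target)
    if parts.scheme == "" and parts.netloc == "":
        # Relative path: exactly one leading '/', since '//host' is
        # scheme-relative and would leave the origin.
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme.lower() not in ("http", "https"):
        return False  # javascript:, data:, and any non-web scheme
    if parts.username is not None or parts.password is not None:
        return False  # https://trusted-host@evil.example
    return (parts.hostname or "").lower() in ALLOWED_HOSTS


def location_header(target: str, fallback: str = "/") -> str:
    """Output-side filter: the value safe to place in a Location header."""
    return target if is_safe_redirect(target) else fallback


# Constructed Apache/Nginx-style access-log lines; lines 3 and 4 carry
# redirect parameters that point off-origin.
SAMPLE_LOG = [
    '203.0.113.10 - - [28/Mar/2025:10:01:02 +0000] "GET /login?next=/dashboard HTTP/1.1" 302 0',
    '203.0.113.11 - - [28/Mar/2025:10:02:15 +0000] "GET /login?next=https://unity.example.internal/dashboard HTTP/1.1" 302 0',
    '198.51.100.7 - - [28/Mar/2025:10:05:44 +0000] "GET /login?next=https://unity.example.internal@evil.example/ HTTP/1.1" 302 0',
    '198.51.100.7 - - [28/Mar/2025:10:05:50 +0000] "GET /login?returnUrl=%2F%2Fevil.example%2Fsso HTTP/1.1" 302 0',
    '198.51.100.8 - - [28/Mar/2025:10:06:01 +0000] "GET /api/health HTTP/1.1" 200 12',
]
REQUEST_LINE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+"')


def find_external_redirects(log_lines):
    """Return (line_no, param, value) for every redirect parameter that the
    allowlist check rejects: the signature of a phishing link built on the
    trusted domain."""
    hits = []
    for line_no, line in enumerate(log_lines, 1):
        match = REQUEST_LINE.search(line)
        if match is None:
            continue
        query = urlsplit(match.group("target")).query
        for param, values in parse_qs(query, keep_blank_values=True).items():
            if param not in REDIRECT_PARAMS:
                continue
            for value in values:
                if not is_safe_redirect(value):
                    hits.append((line_no, param, value))
    return hits


if __name__ == "__main__":
    for line_no, param, value in find_external_redirects(SAMPLE_LOG):
        print(f"line {line_no}: {param}={value!r} leaves the allowed origin")
```

The substring check in naive_is_safe accepts both https://unity.example.internal.evil.example/ and https://unity.example.internal@evil.example/, which is exactly how open redirects survive a casual review; the hardened check compares the parsed hostname against an exact allowlist and refuses userinfo, scheme-relative and non-http schemes. Running the sweep against the constructed log flags only lines 3 and 4.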
NVD Description
Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. Exploitation may allow for session theft.
Deeper analysis
CVE-2025-24381 is a URL Redirection to Untrusted Site ('Open Redirect') vulnerability, classified as CWE-601, affecting Dell Unity versions 5.4 and prior. Published on 2025-03-28, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H): network-reachable, low attack complexity, no privileges required, dependent on user interaction, with high impact on confidentiality, integrity, and availability. Note that those impact metrics are unusually high for an open redirect on its own; a plain CWE-601 finding is typically scored around 6.1 (S:C/C:L/I:L/A:N). The 8.8 therefore reflects the session-theft outcome mentioned in the description, and when prioritising the fix it is worth asking whether the Unity management interface is reachable by the users an attacker could phish.
An unauthenticated attacker with remote access can exploit this vulnerability to redirect targeted application users to arbitrary web URLs. This enables phishing attacks that trick users into divulging sensitive information, and exploitation may also facilitate session theft.
Dell's DSA-2025-116 advisory provides a security update addressing multiple vulnerabilities in Dell Unity, Dell UnityVSA, and Dell Unity XT, including CVE-2025-24381. Security practitioners should consult the advisory at https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities for the fixed Unity OE version, upgrade path, and any interim mitigation steps, and verify the installed OE version against it.
Details
- CWE(s): CWE-601 (URL Redirection to Untrusted Site, 'Open Redirect')