Cyber Posture

CVE-2025-36588

Severity: High
Published: 22 January 2026
Modified: 26 February 2026
KEV Added: not listed
Patch: Dell security advisory DSA-2026-102
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0003 (10.0th percentile)
Risk Priority: 18 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-36588 is a high-severity SQL injection (CWE-89) vulnerability in Dell Unisphere for PowerMax. Its CVSS v3.1 base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability ranks at the 10.0th percentile by EPSS exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent)

Directly addresses SQL injection by requiring validation and neutralization of special elements in information inputs used for SQL commands.

SI-2 Flaw Remediation (prevent)

Requires timely identification, reporting, and patching of flaws like this SQL injection vulnerability, as addressed in Dell's security advisory.

RA-5 Vulnerability Monitoring and Scanning (prevent, detect)

Mandates vulnerability scanning to identify and remediate SQL injection flaws in systems like Unisphere for PowerMax before exploitation.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1059 Command and Scripting Interpreter (Execution): Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Why these techniques?

SQL injection in the remotely accessible management web application (Unisphere) directly enables exploitation under T1190; the resulting arbitrary command execution maps to T1059.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

Deeper analysis

CVE-2025-36588 is an SQL injection vulnerability (CWE-89) affecting Dell Unisphere for PowerMax in versions 10.2.0.x. It stems from improper neutralization of special elements used in an SQL command, with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The vulnerability was published on January 22, 2026.

A low-privileged attacker with remote access can exploit this flaw over the network with low attack complexity and no user interaction. Successful exploitation enables command execution, with high impact on the confidentiality, integrity, and availability of the affected system.

Dell has issued security advisory DSA-2026-102, detailed at https://www.dell.com/support/kbdoc/en-us/000429268/dsa-2026-102-dell-unisphere-for-powermax-and-powermax-eem-security-update-for-multiple-vulnerabilities, which addresses this and other vulnerabilities in Unisphere for PowerMax and PowerMax EEM with applicable patches and mitigation guidance.

Details

CWE(s): CWE-89 (Improper Neutralization of Special Elements used in an SQL Command, 'SQL Injection')

Affected Products

Vendor | Product | Versions
dell | unisphere for powermax | ≤ 9.2.4.19
dell | unisphere for powermax virtual appliance | ≤ 9.2.4.19

Note: the version ranges listed above (≤ 9.2.4.19) do not match the 10.2.0.x versions named in the NVD description; consult Dell advisory DSA-2026-102 for the authoritative list of affected and fixed versions.

CVEs Like This One

CVE-2025-36589: same product (Dell Unisphere for PowerMax)
CVE-2026-26358: same product (Dell Unisphere for PowerMax)
CVE-2026-26360: same product (Dell Unisphere for PowerMax)
CVE-2026-26359: same product (Dell Unisphere for PowerMax)
CVE-2026-26362: same product (Dell Unisphere for PowerMax)
CVE-2025-36604: same vendor (Dell)
CVE-2026-26354: same vendor (Dell)
CVE-2026-22266: same vendor (Dell)
CVE-2025-53595: shared CWE-89
CVE-2025-53475: shared CWE-89
