Cyber Resilience

CVE-2025-36588

Severity: High
Published: 22 January 2026
Modified: 26 February 2026
KEV: not listed
Patch: available (Dell DSA-2026-102)
CVSS v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS: 0.0059 (43.7th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2025-36588 is a high-severity SQL injection (CWE-89) vulnerability in Dell Unisphere for PowerMax. Its CVSS v3.1 base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS score places it at the 43.7th percentile of exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-36588 is an SQL injection vulnerability (CWE-89) affecting Dell Unisphere for PowerMax in versions 10.2.0.x. It stems from improper neutralization of special elements used in an SQL command, with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The vulnerability was published on January 22, 2026.

A low-privileged attacker with remote access can exploit this flaw over the network; attack complexity is low and no user interaction is required. Successful exploitation leads to command execution, with high impact to the confidentiality, integrity, and availability of the affected system.

Dell has issued security advisory DSA-2026-102, detailed at https://www.dell.com/support/kbdoc/en-us/000429268/dsa-2026-102-dell-unisphere-for-powermax-and-powermax-eem-security-update-for-multiple-vulnerabilities, which addresses this and other vulnerabilities in Unisphere for PowerMax and PowerMax EEM with applicable patches and mitigation guidance.

Vulnerability details

Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

CWE(s): CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1059 Command and Scripting Interpreter (Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Why these techniques?

SQL injection in the remotely accessible Unisphere management web application directly enables T1190; the resulting arbitrary command execution maps to T1059.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-36589 (same product: Dell Unisphere for PowerMax)
CVE-2026-26360 (same product: Dell Unisphere for PowerMax)
CVE-2026-26358 (same product: Dell Unisphere for PowerMax)
CVE-2026-26359 (same product: Dell Unisphere for PowerMax)
CVE-2026-26362 (same product: Dell Unisphere for PowerMax)
CVE-2026-26354 (same vendor: Dell)
CVE-2025-36604 (same vendor: Dell)
CVE-2025-43728 (same vendor: Dell)
CVE-2026-22266 (same vendor: Dell)
CVE-2025-11165 (shared CWE-89)

Affected Assets

Dell Unisphere for PowerMax: ≤ 9.2.4.19
Dell Unisphere for PowerMax Virtual Appliance: ≤ 9.2.4.19

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent)
Directly addresses SQL injection by requiring validation and neutralization of special elements in information inputs used for SQL commands.

SI-2 Flaw Remediation (prevent)
Requires timely identification, reporting, and patching of flaws like this SQL injection vulnerability, as addressed in Dell's security advisory.

RA-5 Vulnerability Monitoring and Scanning (prevent, detect)
Mandates vulnerability scanning to identify and remediate SQL injection flaws in systems like Unisphere for PowerMax before exploitation.