CVE-2025-36589

High

Published: 06 January 2026

Published

06 January 2026

Modified

22 January 2026

KEV Added

—

Patch

—

CVSS Score 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

EPSS Score 0.0010 26.5th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-36589 is a high-severity Improper Restriction of XML External Entity Reference (CWE-611) vulnerability in Dell Unisphere For Powermax. Its CVSS base score is 7.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 26.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique.

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

CA-8 Penetration Testing

addresses: CWE-611

Penetration testing includes XML external entity payloads, detecting XXE vulnerabilities and enabling their mitigation.

SI-4 System Monitoring

addresses: CWE-611

Identifies XML external entity processing via monitoring of unusual file/network access or resource usage.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1005 Data from Local System Collection

Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

attack.mitre.org →

Why these techniques?

XXE (CWE-611) in public-facing Unisphere web app directly enables remote exploitation for unauthorized local file/data access.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data and resources outside of the intended…

sphere of control.

Deeper analysisAI

CVE-2025-36589 is an Improper Restriction of XML External Entity Reference vulnerability (CWE-611) affecting Dell Unisphere for PowerMax in versions 9.2.4.x. Published on 2026-01-06, it carries a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L), indicating high severity due primarily to its confidentiality impact.

A low-privileged attacker with remote network access can exploit this vulnerability with low complexity and no user interaction. Exploitation could enable unauthorized access to data and resources beyond the intended boundaries of control.

Dell security advisory DSA-2025-425 provides details on this and multiple related vulnerabilities across PowerMaxOS, PowerMax EEM, Unisphere for PowerMax, Unisphere for PowerMax Virtual Appliance, Unisphere 360, and Solutions Enabler Virtual Appliance. Mitigation guidance and patches are available at https://www.dell.com/support/kbdoc/en-us/000402262/dsa-2025-425-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilities.