Cyber Posture

CVE-2025-46685

High

Published: 13 January 2026

Modified: 13 February 2026
CVSS Score: 7.5 (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H)
EPSS Score: 0.0001 (2.9th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-46685 is a high-severity Creation of Temporary File With Insecure Permissions (CWE-378) vulnerability in Dell SupportAssist OS Recovery. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique File System Permissions Weakness (T1044). The vulnerability ranks at the 2.9th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to File System Permissions Weakness (T1044) and one other technique.

Threat & Defense Details

MITRE ATT&CK Enterprise Techniques (AI)

T1044: File System Permissions Weakness (tactic: Persistence)
Processes may automatically execute specific binaries as part of their functionality or to perform other actions.

T1068: Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

Insecure temporary file permissions (CWE-378) directly enable local privilege escalation via file system weaknesses.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Deeper analysis (AI)

Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, is affected by CVE-2025-46685, a Creation of Temporary File With Insecure Permissions vulnerability (CWE-378). This flaw allows insecure handling of temporary files, which can be exploited under specific conditions. The vulnerability carries a CVSS v3.1 base score of 7.5 (High), with vector AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H, indicating local access vector, high attack complexity, low privileges required, user interaction needed, changed scope, and high impacts on confidentiality, integrity, and availability.

A low-privileged attacker with local access to the system can potentially exploit this vulnerability to achieve elevation of privileges. Exploitation requires high complexity and user interaction, such as tricking the user into specific actions, but success could grant the attacker escalated rights, enabling full control over the system including high-impact data access, modification, and disruption.

Dell has issued security advisory DSA-2025-456 at https://www.dell.com/support/kbdoc/en-us/000401506/dsa-2025-456, which provides details on the vulnerability and recommends updating to version 5.5.15.1 or later to mitigate the issue. Security practitioners should verify patch deployment on affected systems.

Details

CWE(s)

Affected Products

Vendor: dell
Product: supportassist os recovery
Versions: ≤ 5.5.15.1

CVEs Like This One

CVE-2025-22480 (same product: Dell SupportAssist OS Recovery)
CVE-2026-32655 (same vendor: Dell)
CVE-2026-27102 (same vendor: Dell)
CVE-2025-21105 (same vendor: Dell)
CVE-2026-25906 (same vendor: Dell)
CVE-2026-23857 (same vendor: Dell)
CVE-2026-35155 (same vendor: Dell)
CVE-2026-24510 (same vendor: Dell)
CVE-2026-22765 (same vendor: Dell)
CVE-2026-26949 (same vendor: Dell)
