CVE-2025-36572 – Dell PowerStore Hard-Coded Credentials Vulnerability Allowing Unauthorized Access

Vulnerability

Patched

A vulnerability exists in Dell PowerStore version 4.0.0.0, related to the use of hard-coded credentials in the PowerStore image file. This vulnerability allows a low-privileged attacker with remote access and knowledge of the hard-coded credentials to gain unauthorized access, depending on the privileges associated with the hard-coded account.

Impact

Exploitation of this vulnerability could lead to unauthorized access on the affected system, based on the privileges of the hard-coded account.

Remediation

Users can upgrade to Dell PowerStore version 4.0.1.3-2494147 to address this vulnerability. Instructions for downloading the update are available on the Dell PowerStore 500T, 1000T, 1200T, 3000T, 3200Q, 3200T, 5000T, 5200T, 7000T, 9000T, and 9200T product support pages.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Affected Products

Dell PowerStore 500T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 1000T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 1200T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 3000T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 3200Q

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 3200T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 5000T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 5200T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 7000T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 9000T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

Dell PowerStore 9200T

Moderate fix1 remedy

cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*

Moderate fix1 remedy

< 4.0.1.3-2494147

CVSS Scores

volerion

8.6

CVSS 4.0

8.6

High

volerion

8.1

CVSS 3.1

8.1

High

Vendor

6.5

CVSS 3.1

6.5

Medium

Click a row to open the calculator.

References

https://www.dell.com/support/kbdoc/en-us/000325205/dsa-2025-223-dell-powerstore-t-security-update-for-multiple-vulnerabilities

AdvisoryBundleRemedyVendor

Showing 1-1 of 1 references

Dell PowerStore Hard-Coded Credentials Vulnerability Allowing Unauthorized Access

Vulnerability

Impact

Remediation

Affected Products

Dell PowerStore 500T

Dell PowerStore 1000T

Dell PowerStore 1200T

Dell PowerStore 3000T

Dell PowerStore 3200Q

Dell PowerStore 3200T

Dell PowerStore 5000T

Dell PowerStore 5200T

Dell PowerStore 7000T

Dell PowerStore 9000T

Dell PowerStore 9200T

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating