CVE-2025-38746

low

Description

Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure.

References

https://www.dell.com/support/kbdoc/en-us/000353093/dsa-2025-315

Details

Source: Mitre, NVD

Published: 2025-08-06

Updated: 2025-08-06

Risk Information

CVSS v2

Base Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:N

Severity: Low

CVSS v3

Base Score: 3.5

Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Severity: Low

EPSS

EPSS: 0.00023

Detections

Analytics