Detections
Analytics
ControlVault3 Driver 5.15.14.19 / 6.2.36.47 Multiple Vulnerabilities (DSA-2025-228)
high Nessus Plugin ID 275888
Language:
Synopsis
The remote host is missing one or more security updates.Description
The version of ControlVault3 Driver installed on the remote host is prior to 5.15.14.19 or 6.2.36.47. It is, therefore, affected by multiple vulnerabilities as referenced in the DSA-2025-228 advisory.- Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 2 (`WBIO_USH_GET_IDENTITY`) with an improper `ReceiveBuferSize` value. (CVE-2025-36460)
- Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 3 (`WBIO_USH_CREATE_CHALLENGE`) with an invalid `ReceiveBuferSize`. (CVE-2025-36462)
- Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 4 (`WBIO_USH_ADD_RECORD`) and with an invalid `SendBufferSize`. (CVE-2025-36463)
- A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue an api call to trigger this vulnerability. (CVE-2025-31361)
- A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call to trigger this vulnerability. (CVE-2025-31649)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to ControlVault3 Driver version 5.15.14.19 / 6.2.36.47 or later.See Also
https://www.dell.com/support/kbdoc/en-us/000326061/dsa-2025-228
Plugin Details
Severity: High
ID: 275888
File Name: dell_controlvault3_driver_DSA-2025-228.nasl
Version: 1.1
Type: local
Agent: windows
Family: Misc.
Published: 11/20/2025
Updated: 11/20/2025
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2025-36553
CVSS v3
Risk Factor: High
Base Score: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVSS Score Source: CVE-2025-36463
Vulnerability Information
CPE: x-cpe:/a:dell:controlvault3_driver
Required KB Items: installed_sw/ControlVault3 Driver, BIOS/Model
Exploit Ease: No known exploits are available
Patch Publication Date: 9/4/2025
Vulnerability Publication Date: 11/17/2025
Reference Information
CVE: CVE-2025-31361, CVE-2025-31649, CVE-2025-32089, CVE-2025-36460, CVE-2025-36462, CVE-2025-36463, CVE-2025-36553
IAVA: 2025-A-0868