CVE-2025-29986 | THREATINT

Description

Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Common Anti-Virus Agent (CAVA). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

PUBLISHED Reserved 2025-03-13 | Published 2025-04-08 | Updated 2025-04-08 | Assigner dell

HIGH: 8.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Problem types

CWE-923: Improper Restriction of Communication Channel to Intended Endpoints

Product status

Default status

unaffected

Any version before 9.0.0.0

affected

References

www.dell.com/...or-dell-common-event-enabler-vulnerabilities vendor-advisory

cve.org (CVE-2025-29986)

nvd.nist.gov (CVE-2025-29986)

Download JSON