CVE-2025-22472

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of commands with elevated privileges.

CVSS

No CVSS.

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000289970/dsa-2025-070-security-update-for-dell-networking-os10-vulnerabilities	Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000293638/dsa-2025-069-security-update-for-dell-networking-os10-vulnerabilities	Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000294091/dsa-2025-079-security-update-for-dell-networking-os10-vulnerabilities	Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000295014/dsa-2025-068-security-update-for-dell-networking-os10-vulnerabilities	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:dell:smartfabric_os10::::::::
	cpe:2.3:o:dell:smartfabric_os10::::::::
	cpe:2.3:o:dell:smartfabric_os10::::::::
	cpe:2.3:o:dell:smartfabric_os10::::::::

History

14 Jul 2025, 20:30

Type	Values Removed	Values Added
CPE		cpe:2.3:o:dell:smartfabric_os10::::::::
First Time		Dell Dell smartfabric Os10
References	~~() https://www.dell.com/support/kbdoc/en-us/000295014/dsa-2025-068-security-update-for-dell-networking-os10-vulnerabilities -~~	() https://www.dell.com/support/kbdoc/en-us/000295014/dsa-2025-068-security-update-for-dell-networking-os10-vulnerabilities - Vendor Advisory
References	~~() https://www.dell.com/support/kbdoc/en-us/000289970/dsa-2025-070-security-update-for-dell-networking-os10-vulnerabilities -~~	() https://www.dell.com/support/kbdoc/en-us/000289970/dsa-2025-070-security-update-for-dell-networking-os10-vulnerabilities - Vendor Advisory
References	~~() https://www.dell.com/support/kbdoc/en-us/000294091/dsa-2025-079-security-update-for-dell-networking-os10-vulnerabilities -~~	() https://www.dell.com/support/kbdoc/en-us/000294091/dsa-2025-079-security-update-for-dell-networking-os10-vulnerabilities - Vendor Advisory
References	~~() https://www.dell.com/support/kbdoc/en-us/000293638/dsa-2025-069-security-update-for-dell-networking-os10-vulnerabilities -~~	() https://www.dell.com/support/kbdoc/en-us/000293638/dsa-2025-069-security-update-for-dell-networking-os10-vulnerabilities - Vendor Advisory

17 Mar 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-17 18:15

Updated : 2025-07-14 20:30

NVD link : CVE-2025-22472

Mitre link : CVE-2025-22472

JSON object : View

Products Affected

dell

smartfabric_os10

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

JSON object

Attach tags to CVE-2025-22472

Attach tags to `CVE-2025-22472`