CVE-2025-45378

CRITICAL 9.1

CVSS Score

9.1

EPSS Score

0.0%

EPSS Percentile

0th

Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system. If ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password.

CWE	CWE-78
Vendor	dell
Product	cloudlink
Published	Nov 5, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for dell cloudlink

Be the first to know when new critical vulnerabilities affecting dell cloudlink are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Dell / CloudLink

8.0 < 8.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

dell.com: https://www.dell.com/support/kbdoc/en-us/000384363/dsa-2025-374-security-update-for-dell-cloudlink-multiple-security-vulnerabilities