Platform
other
Component
cloudlink
Fixed in
8.1.1
CVE-2025-46364 describes a critical CLI Escape vulnerability affecting Dell CloudLink versions up to and including 8.1.1. This flaw allows a privileged user possessing a known password to escalate privileges and gain control of the affected system. Dell has released version 8.1.1 to address this vulnerability, and immediate patching is recommended.
The impact of this vulnerability is severe. A successful exploit allows a malicious actor, already possessing privileged credentials, to completely compromise the system. This could involve unauthorized data access, modification, or deletion, as well as the installation of malware or the establishment of persistent backdoors. The attacker effectively gains root or administrator-level access, enabling them to control the entire CloudLink instance. Given the nature of CloudLink as a management platform, this could lead to widespread impact across managed devices and services.
This vulnerability is considered high probability due to its criticality and the potential for exploitation with known credentials. While no public proof-of-concept (POC) has been released as of the publication date, the ease of exploitation (requiring only a known password) increases the likelihood of exploitation. The vulnerability was publicly disclosed on 2025-11-05. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.07% (22% percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to immediately upgrade Dell CloudLink to version 8.1.1 or later. If upgrading is not immediately feasible due to compatibility concerns or testing requirements, consider implementing stricter password policies and multi-factor authentication for privileged accounts. Review existing CloudLink configurations to ensure least privilege principles are enforced. While a direct WAF rule is unlikely to be effective against this type of privilege escalation, monitoring for unusual CLI activity and suspicious process executions can provide early warning signs. After upgrading, confirm the fix by attempting a CLI escape with a privileged account and verifying that the attempt is blocked.
Update Dell CloudLink to version 8.1.1 or later. This update addresses the CLI Escape Vulnerability that allows privileged users to gain control of the system. See the Dell security advisory for more details and upgrade instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-46364 is a critical vulnerability in Dell CloudLink versions 8.1.1 and earlier, allowing a privileged user with a known password to gain complete control of the system through a CLI escape.
If you are using Dell CloudLink version 8.1.1 or earlier, you are potentially affected by this vulnerability. Check your current version and upgrade immediately.
The recommended fix is to upgrade Dell CloudLink to version 8.1.1 or later. If immediate upgrade is not possible, implement stricter password policies and enhanced authentication.
While no public exploits are currently known, the ease of exploitation makes active exploitation a possibility. Monitor your systems closely.
Refer to the official Dell Security Advisory for CVE-2025-46364 on the Dell Support website for detailed information and updates.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.