CVE-2025-32747
MEDIUMDell PowerFlex Manager (Appliance) - Incorrect Privilege Assignment
Title source: ruleDescription
Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
References (2)
Core 2
Core References
Scores
CVSS v3
5.3
EPSS
0.0009
EPSS Percentile
0.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-266
Status
published
Products (8)
Dell/PowerFlex Manager
< 4.6.2
Dell/PowerFlex Manager (Appliance)
< IC 48.378.00
Dell/PowerFlex Manager (Appliance)
< IC 48.383.00
Dell/PowerFlex Manager (Rack)
< 3.7.8.0
Dell/PowerFlex Manager (Rack)
< 3.8.3.0
dell/powerflex_appliance_intelligent_catalog
< 48.383.00
dell/powerflex_manager
< 4.6.2
dell/powerflex_rack
< 3.7.8.0
Published
May 22, 2026
Tracked Since
May 22, 2026