CVE-2026-25907

High | 7.5 | No Exploit

Plain English Summary

An attacker can exploit a flaw in Dell PowerScale OneFS to lock out user accounts, causing a denial of service that prevents legitimate users from accessing the system. This requires the attacker to have remote access, but they do not need to be authenticated to take advantage of this vulnerability.

Technical Description

Dell PowerScale OneFS, version 9.13.0.0, contains an overly restrictive account lockout mechanism vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

CVSS Vector Analysis

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Scope: Unchanged

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Est. Bounty: $2,053 ($1K-$5K)
Vendor Response: Grade A, patched in 0 days

Quick Information

Published: Mar 4, 2026 (about 1 month ago)
Last Modified: Mar 4, 2026 (about 1 month ago)
Vendor: dell
Product: powerscale onefs

Related Vulnerabilities

CVE-2026-22270 (Medium)

This vulnerability allows a high-privileged attacker with local access to the Dell PowerScale OneFS system to potentially disrupt services, gain higher access rights, or access sensitive information. It affects specific versions of the software, so users running outdated versions are at risk.

CVE-2026-21426 (Medium)

This vulnerability allows a high-privileged attacker with local access to the Dell PowerScale OneFS system to potentially cause a denial of service, gain higher privileges, or access sensitive information. It affects specific versions of the software, so systems running outdated versions are at risk.

CVE-2026-21425 (High)

An attacker with low-level access to a Dell PowerScale OneFS system could exploit a flaw to gain higher privileges, allowing them to perform unauthorized actions. This vulnerability affects specific versions of the software, so it’s crucial to ensure you are running an updated version to protect against this risk.

CVE-2026-21424 (Medium)

An attacker with local access to Dell PowerScale OneFS can exploit a flaw to gain higher privileges than intended, potentially allowing them to execute unauthorized actions on the system. This vulnerability affects specific versions of the software, so users should ensure they are running the latest updates to mitigate the risk.

CVE-2026-21423 (Medium)

An attacker with high privileges and local access to Dell PowerScale OneFS could exploit a flaw in default permissions to run malicious code, crash the system, gain higher access rights, or steal sensitive information. This vulnerability affects specific versions of the software, so it’s crucial to ensure you’re running an updated version to mitigate the risk.