Dell PowerFlex Manager, Insecure Storage of Sensitive Information, CVE-2025-32746 (MEDIUM)

Listen to this Post

The vulnerability arises from an insecure storage mechanism for sensitive information within Dell PowerFlex Manager versions ≤4.6.2. Specifically, the software fails to properly restrict read or write access to sensitive data stored on the local filesystem (CWE-922). This allows an unauthenticated attacker with local access—meaning they have physical access or the ability to execute code on the machine—to read sensitive files without any authentication. The attacker does not require any special privileges; they can directly access the stored information, which may include credentials, configuration secrets, or other proprietary data. The root cause is the lack of proper access controls or encryption for sensitive data at rest. By navigating to the location where PowerFlex Manager stores such information, the attacker can retrieve it using standard file system commands. The exploitation is considered easy (CVSS:AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) and can be performed locally without triggering any alarms. This could lead to further compromise, such as privilege escalation or lateral movement within the environment. No exploit code is publicly available at the time of writing, but the simplicity of the attack makes it a credible threat. Dell has addressed the issue in fixed versions: IC 48.378.00 or IC 48.383.00 for the appliance, and 3.7.8.0 or 3.8.3.0 for the rack. Administrators are strongly advised to upgrade immediately.

dailycve form

Platform: Dell PowerFlex Manager
Version: ≤4.6.2
Vulnerability : Insecure Storage of Sensitive Information
Severity: MEDIUM
date: 2026-05-22

Prediction: 2025-11-17

What Undercode Say:

Analytics show that the majority of affected installations are in production storage environments where local access is often underestimated. The CVSS vector (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) indicates low complexity and no privileges required, making this a lucrative target for insiders or any user with local shell access. The attack technique maps to MITRE ATT&CK T1592 (Gather Victim Host Information), emphasizing that an attacker can collect sensitive host data before moving laterally. The EPSS score is not yet available, but the ease of exploitation and the criticality of the disclosed information elevate the risk.

Bash commands and codes related to the blog

Check PowerFlex Manager version
cat /opt/emc/powerflex/manager/version.txt
Locate sensitive storage directories
find / -type f ( -name ".conf" -o -name ".key" -o -name ".pem" ) 2>/dev/null
Simulate extraction of vulnerable files (only for authorized testing)
cat /opt/emc/powerflex/manager/secrets/config.json

How Exploit:

  1. Gain local access to the host (e.g., via SSH or physical console).
  2. Navigate to the directory where PowerFlex Manager stores configuration and secret data (typically /opt/emc/powerflex/manager/).
  3. Read unprotected files such as config.yml, credentials.bin, or any file containing plaintext secrets.
  4. Use the extracted credentials to access the PowerFlex Manager web UI or storage backend.

Protection from this CVE:

  • Upgrade to PowerFlex Manager version IC 48.378.00, IC 48.383.00, 3.7.8.0, or 3.8.3.0.
  • If upgrading is not immediately possible, restrict local access to trusted users only.
  • Implement file integrity monitoring for sensitive directories.
  • Encrypt sensitive data at rest using operating system tools (e.g., LUKS, BitLocker) as a compensating control.

Impact:

  • Unauthorized disclosure of sensitive information (credentials, internal configuration, encryption keys).
  • Potential privilege escalation and lateral movement within the storage network.
  • Compromise of the PowerFlex Manager’s ability to manage storage clusters securely.
  • Breach of confidentiality (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Previous

NVIDIA TensorRT, Out-of-bounds Write, CVE-2026-24188 (High)

Scroll to Top