Dell EMC XtremIO X2 Log Information Disclosure Vulnerability (CVE-2025-25332) Security Update

Critical Vulnerability Information Vulnerability Overview Advisory ID: DSA-2025-108 Title: Security Update for Dell EMC XtremIO X2 Summary: Dell EMC XtremIO X2 contains multiple security vulnerabilities that could be exploited by malicious users to impact the system. Vulnerability Details CVE-2025-25332 - Description: Dell XtremIO X2 versions 6.0.22 and earlier contain a vulnerability allowing sensitive information to be inserted into log files. A low-privileged user with local access could exploit this vulnerability to cause information disclosure. - CVSS Base Score: 8.8 - CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2025-25332 - Description: TechAdvisor versions 2.6 through 3.37.90 for Dell XtremIO X2 contain a vulnerability allowing sensitive information to be injected into log files. A low-privileged user with local access could exploit this vulnerability to cause information disclosure. - CVSS Base Score: 8.8 - CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products and Remediation Recommendations XtremIO X2 - Affected Versions: XMS versions 6.4.3 and earlier - Recommended Version: 6.4.3 or higher - Link: Contact customer support for upgrade TechAdvisor - Affected Versions: 2.6 to 3.37.90 - Recommended Version: 3.4 - Link: Contact customer support for upgrade Additional Information Revision History: - Version: 1.0 - Date: 2025-07-29 - Description: Initial release Related Links: - Dell Security Advisories and Notices - Dell Vulnerability Response Policy - CVSS Scoring Guide

Goal Reached Thanks to every supporter — we hit 100%!

Dell EMC XtremIO X2 Log Information Disclosure Vulnerability (CVE-2025-25332) Security Update