Talos Vulnerability Report - TALOS-2025-2175

Vulnerability Summary

CVE Number: CVE-2025-36482, CVE-2025-36460, CVE-2025-36461, CVE-2025-36463
Vulnerability Type: Multiple out-of-bounds read and write vulnerabilities
Affected Product: Dell ControlVault3 Control Vault WBDI Driver Broadcom Storage Adapter
CVSS Score: 7.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)

Key Information

Vulnerable Versions: Broadcom BCM5820X, Dell ControlVault3 5.14.3.0
Product URL: https://www.broadcom.com/products/embedded-and-networking-processors/secure/bcm5820x
CWE: CWE-805 - Buffer Access with Incorrect Length Value

Details

Vulnerability Trigger: When submitting a WinBioControlUnit call to the StorageAdapter with specific values and constraints.
Impact: Memory corruption, memory leaks, and potentially code execution as SYSTEM.

Crash Information

Key Values:
- : NullPtr
- : Write
- : 718
- : 28299
- : 10

Timeline

2025-04-22: Vendor Disclosure
2025-06-13: Vendor Patch Release
2025-11-17: Public Release

Credits

Discovered by Philippe Laulheret of Cisco Talos.