Dell Secure Connect Gateway SRS 5.26 Sensitive Info Exposure
CVE-2025-23382 Published on March 19, 2025

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.c

Vendor Advisory NVD

Vulnerability Analysis

CVE-2025-23382 is exploitable with network access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.

Attack Vector:
NETWORK
Attack Complexity:
HIGH
Privileges Required:
LOW
User Interaction:
REQUIRED
Scope:
CHANGED
Confidentiality Impact:
LOW
Integrity Impact:
LOW
Availability Impact:
LOW

Weakness Type

Exposure of Sensitive System Information to an Unauthorized Control Sphere

The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.


Products Associated with CVE-2025-23382

Want to know whenever a new CVE is published for Dell Secure Connect Gateway? stack.watch will email you.

Dell Secure Connect Gateway
 

Affected Versions

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS Version 5.26.00.20 is affected by CVE-2025-23382

Exploit Probability

EPSS
0.09%
Percentile
25.70%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.