CVE-2025-36578

CWE-863 — Incorrect Authorization3 documents3 sources

Severity

6.8MEDIUM

EPSS

0.2%

top 60.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Wyse Management Suite

Timeline

PublishedJun 10

Description

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 1.6 | Impact: 5.2

Affected Packages2 packages

▶CVEListV5dell/wyse_management_suiteN/A — 5.2

▶NVDdell/wyse_management_suite< 5.2

🔴Vulnerability Details

CVEList

CVE-2025-36578: Dell Wyse Management Suite, versions prior to WMS 5↗2025-06-10

▶

GHSA

GHSA-pp47-c46r-hhxq: Dell Wyse Management Suite, versions prior to WMS 5↗2025-06-10

▶