{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T18:49:13.840","vulnerabilities":[{"cve":{"id":"CVE-2025-22395","sourceIdentifier":"security_alert@emc.com","published":"2025-01-07T03:15:06.047","lastModified":"2025-02-04T15:49:52.617","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary remote scripts on the server. Exploitation may lead to a denial of service by an attacker."},{"lang":"es","value":"Dell Update Package Framework, versiones anteriores a la 22.01.02, contiene una vulnerabilidad de escalada de privilegios locales. Un atacante local con poco nivel de privilegios podría aprovechar esta vulnerabilidad, lo que provocaría la ejecución de scripts remotos arbitrarios en el servidor. La explotación puede provocar una denegación de servicio por parte de un atacante."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-280"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:update_package_framework:*:*:*:*:*:*:*:*","versionEndExcluding":"22.01.02","matchCriteriaId":"D60A8235-9077-47AB-943B-BB923F803750"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000269079/dsa-2025-034-security-update-for-dell-update-package-dup-framework-vulnerability","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}}]}