CVE-2025-22394

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Jan 15, 2025
CWE ID 367

Summary

CVE-2025-22394 is a time-of-check time-of-use (TOCTOU) race condition vulnerability affecting Dell Display Manager, versions prior to 2.3.2.18. A low-privileged attacker with local access could potentially exploit the flaw, resulting in code execution and possibly privilege escalation. The vulnerability arises from an inconsistency in the way the software handles input and checks system state, which leaves it open to manipulation by malicious actors. This weakness could lead to severe consequences, including unauthorized system access and data breaches. Affected users are strongly advised to upgrade to the latest version of Dell Display Manager to mitigate this risk.

Affected Products

  • Dell Display Manager

Affected Vendors

  • Dell Technologies, Inc.