CVE-2025-36572 is a vulnerability identified in Dell PowerStore, specifically version 4.0.0.0, involving the use of hard-coded credentials within the PowerStore image file. Hard-coded credentials are embedded usernames and passwords that are fixed in the software code or firmware and cannot be changed by the user. This vulnerability falls under CWE-798, which highlights the security risk of embedding such credentials. An attacker with low privileges and remote access who knows these hard-coded credentials could exploit this flaw to gain unauthorized access to the system. The access level gained depends on the privileges assigned to the hard-coded account, which may allow the attacker to perform unauthorized actions or access sensitive data. The CVSS v3.1 score for this vulnerability is 6.5, indicating a medium severity level. The vector metrics are AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, meaning the attack can be performed remotely over the network with low attack complexity, requires low privileges, no user interaction, and impacts confidentiality with high impact but no impact on integrity or availability. No patches or known exploits in the wild have been reported at the time of publication. The vulnerability is critical because hard-coded credentials are difficult to detect and remove, and once discovered, they can be widely exploited. Since the vulnerability exists in the image file, it may be present in all deployments using the affected version until updated or patched. This flaw undermines the security model of Dell PowerStore, a storage appliance widely used for enterprise data storage and management, potentially exposing sensitive stored data to unauthorized parties.

For European organizations using Dell PowerStore version 4.0.0.0, this vulnerability poses a significant risk to the confidentiality of stored data. Attackers exploiting the hard-coded credentials could gain unauthorized access to storage systems, potentially leading to data breaches involving sensitive or regulated information. This is particularly critical for sectors with strict data protection requirements such as finance, healthcare, and government institutions across Europe. Although the vulnerability does not directly impact data integrity or availability, unauthorized access could facilitate data exfiltration or unauthorized data exposure, undermining compliance with GDPR and other data protection laws. The ease of exploitation (remote network access with low privileges and no user interaction) increases the risk of widespread attacks if the credentials become publicly known. The lack of known exploits in the wild currently limits immediate risk, but the presence of hard-coded credentials is a persistent security weakness that could be targeted by threat actors. European organizations relying on Dell PowerStore for critical storage infrastructure should consider this vulnerability a medium risk but prioritize remediation to prevent potential data confidentiality breaches.

1. Immediate mitigation should include identifying all Dell PowerStore appliances running version 4.0.0.0 within the organization. 2. Since no patch is currently available, restrict network access to the management interfaces of PowerStore appliances to trusted administrative networks only, using network segmentation and firewall rules. 3. Implement strict monitoring and logging of access attempts to detect any unauthorized use of the hard-coded credentials. 4. If possible, replace or re-image the affected PowerStore devices with versions that do not contain the hard-coded credentials once Dell releases a patch or updated image. 5. Employ multi-factor authentication (MFA) on management interfaces to add an additional layer of security beyond the hard-coded credentials. 6. Conduct regular vulnerability assessments and penetration testing focused on storage infrastructure to detect unauthorized access attempts. 7. Maintain an incident response plan that includes procedures for containment and remediation if unauthorized access is detected. 8. Engage with Dell support to receive updates on patches or mitigation tools and apply them promptly upon release.