CVE-2025-36592: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Dell Secure Connect Gateway SCG Policy Manager
Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20, 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Script injection.
AI Analysis
Technical Summary
CVE-2025-36592 identifies a Cross-site Scripting (XSS) vulnerability, classified under CWE-79, in Dell Secure Connect Gateway (SCG) Policy Manager versions 5.20, 5.22, 5.24, 5.26, and 5.28. The vulnerability arises from improper neutralization of user-supplied input during web page generation, allowing an unauthenticated remote attacker to inject script into pages served by the Policy Manager. No authentication is required, but user interaction is necessary to trigger execution, typically by a victim following a crafted URL or submitting a crafted input field. The injected script executes in the context of the victim's browser and could lead to theft of session cookies, redirection to malicious sites, or manipulation of displayed content, compromising the confidentiality and integrity of user sessions. The CVSS v3.1 base score is 5.4 (medium), reflecting remote exploitability without privileges, offset by the limited impact scope and the user-interaction requirement. No exploits have been reported in the wild to date, and no official patch is currently linked, so mitigation currently relies on vendor updates and defensive configuration. Because SCG Policy Manager is used to manage secure connectivity policies in enterprise environments, the flaw is a concern for organizations that rely on it for secure network access management.
Potential Impact
For European organizations, this vulnerability could lead to unauthorized script execution within the administrative interfaces of Dell SCG Policy Manager, potentially exposing sensitive configuration data or enabling session hijacking of privileged users. While the impact on availability is negligible, confidentiality and integrity risks exist, especially if attackers can leverage the vulnerability to escalate privileges or pivot within the network. Organizations in sectors such as finance, government, and critical infrastructure that rely on Dell SCG for secure remote access are particularly at risk. Exploitation could facilitate further attacks, including data exfiltration or unauthorized policy changes, undermining network security. The requirement for user interaction somewhat limits the attack vector but does not eliminate risk, especially in environments where administrators may be targeted via phishing or social engineering. The absence of known exploits suggests a window for proactive mitigation before widespread exploitation occurs.
Mitigation Recommendations
Organizations should monitor Dell's official channels for patches addressing CVE-2025-36592 and apply them promptly upon release. In the interim, implement strict input validation and sanitization on all user inputs within the SCG Policy Manager interface to reduce injection risk. Deploy Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers accessing the management console. Restrict access to the SCG Policy Manager interface to trusted networks and users, employing network segmentation and multi-factor authentication to reduce exposure. Conduct user awareness training to mitigate risks from social engineering that could trigger user interaction exploitation. Regularly audit and monitor logs for suspicious activities indicative of attempted XSS attacks. Consider deploying web application firewalls (WAFs) with rules tailored to detect and block XSS payloads targeting the SCG interface. Finally, review and harden browser security settings used by administrators managing the SCG Policy Manager.
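The three defensive measures above that can be expressed in code (output encoding of user input, a Content Security Policy for the management console, and log review for attempted XSS) are shown below in one added Python example. This is illustrative code written for this page, not Dell's code and not derived from the SCG Policy Manager; the console page, the `q` search parameter, the nonce value and the access-log lines are all constructed assumptions.

```python
"""
Added example (not Dell's code and not part of the original record): the
mitigations named in the advisory applied to a hypothetical management-console
page, plus a scanner for reflected-XSS attempts in constructed access-log lines.
"""
import html
import re
from urllib.parse import unquote_plus

# --- 1. Output encoding: the CWE-79 defect beside its corrected form --------

def render_unsafe(search_term: str) -> str:
    """Vulnerable pattern: user input is concatenated straight into HTML."""
    return f"<p>Results for: {search_term}</p>"

def render_safe(search_term: str) -> str:
    """Hardened form: escape for the HTML text context before interpolation.
    quote=True also neutralises quote characters, so the same helper is safe
    inside a double-quoted attribute value."""
    safe = html.escape(search_term, quote=True)
    return f'<p>Results for: {safe}</p><input value="{safe}">'

# --- 2. Content Security Policy header for the console ---------------------

def csp_header(nonce: str) -> dict:
    """Build a CSP that allows only same-origin and nonce-tagged scripts, so an
    injected inline <script> or event handler is refused by the browser.
    The nonce is assumed to be freshly generated per response."""
    policy = (
        f"default-src 'self'; "
        f"script-src 'self' 'nonce-{nonce}'; "
        f"object-src 'none'; base-uri 'self'; frame-ancestors 'none'"
    )
    return {"Content-Security-Policy": policy}

# --- 3. Log review: flag requests carrying script-like payloads ------------

# Patterns typical of reflected-XSS probing, matched against the URL-decoded
# request path so that percent-encoding does not hide them.
SUSPICIOUS = re.compile(r"(<script|javascript:|\bon\w+\s*=|<img\b|<svg\b)", re.I)

# Common Log Format request line (constructed assumption about the log shape).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def find_xss_attempts(log_lines):
    """Return (source_ip, decoded_path) for every access-log entry whose URL
    contains a script-like payload after URL decoding."""
    hits = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a request line; skip
        decoded = unquote_plus(m.group("path"))
        if SUSPICIOUS.search(decoded):
            hits.append((m.group("ip"), decoded))
    return hits

# Constructed sample log lines (not real traffic) in Common Log Format.
SAMPLE_LOG = [
    '203.0.113.5 - - [30/Oct/2025:15:40:48 +0000] "GET /policy/search?q=vpn HTTP/1.1" 200 512',
    '198.51.100.7 - - [30/Oct/2025:15:41:02 +0000] "GET /policy/search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 640',
    '198.51.100.7 - - [30/Oct/2025:15:41:09 +0000] "GET /policy/search?q=x%22+onmouseover%3Dalert(1)+y HTTP/1.1" 200 640',
    'not a log line',
]

if __name__ == "__main__":
    probe = "<script>alert(1)</script>"
    print("unsafe:", render_unsafe(probe))
    print("safe:  ", render_safe(probe))
    print(csp_header("abc123"))
    for ip, path in find_xss_attempts(SAMPLE_LOG):
        print(f"suspicious request from {ip}: {path}")
```

Escaping is context-specific: `html.escape` is correct for HTML text and quoted attribute values, but data placed into a JavaScript block or a URL needs its own encoder. The log scanner is a triage aid, not a verdict: it decodes only one layer of percent-encoding and will miss double-encoded or otherwise obfuscated payloads, so it is best used to prioritise requests for manual review alongside a WAF.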
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy
Technical Details
- Data Version: 5.2
- Assigner Short Name: dell
- Date Reserved: 2025-04-15T21:31:17.347Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69038700aebfcd5474799441
Added to database: 10/30/2025, 3:40:48 PM
Last enriched: 10/30/2025, 3:56:44 PM
Last updated: 10/30/2025, 6:34:16 PM