CVE-2025-43914: CWE-266: Incorrect Privilege Assignment in Dell PowerProtect Data Domain BoostFS for Linux Ubuntu Feature Release
Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, and LTS2023 release versions 7.10.1.0 through 7.10.1.60 contain an Incorrect Privilege Assignment vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access.
AI Analysis
Technical Summary
CVE-2025-43914 is an Incorrect Privilege Assignment vulnerability (CWE-266) affecting Dell PowerProtect Data Domain BoostFS for Linux Ubuntu Feature Release versions 7.7.1.0 through 8.3.0.15, including LTS2025, LTS2024, and LTS2023 releases. This vulnerability arises from improper configuration or enforcement of privilege levels within the BoostFS component, which is used for data backup and storage optimization on Linux Ubuntu systems. A low-privileged attacker with local access and requiring user interaction can exploit this flaw to escalate privileges or gain unauthorized access to sensitive data or system functions. The CVSS v3.1 score is 7.5, reflecting high severity due to the potential for complete compromise of confidentiality, integrity, and availability. The attack vector is local (AV:L), attack complexity is high (AC:H), privileges required are low (PR:L), and user interaction is required (UI:R). The scope is changed (S:C), indicating that exploitation affects resources beyond the initially vulnerable component. Although no exploits are currently known in the wild, the vulnerability represents a significant risk to environments relying on Dell PowerProtect Data Domain BoostFS for critical data protection and backup operations. The lack of available patches at the time of disclosure necessitates immediate mitigation efforts to reduce exposure.
Potential Impact
The vulnerability allows a low-privileged local attacker to escalate privileges or gain unauthorized access to sensitive data and system functions within Dell PowerProtect Data Domain BoostFS environments. This can lead to full compromise of backup and storage systems, potentially exposing or corrupting critical backup data. The impact extends to confidentiality breaches, integrity violations through unauthorized modifications, and availability disruptions if the attacker manipulates or disables backup processes. Organizations relying on these Dell products for data protection, especially in sectors like finance, healthcare, government, and large enterprises, face risks of data loss, regulatory non-compliance, and operational downtime. The high attack complexity and requirement for local access limit remote exploitation but do not eliminate risk from insider threats or compromised local accounts.
Mitigation Recommendations
1. Immediately restrict local access to systems running affected Dell PowerProtect Data Domain BoostFS versions to trusted personnel only.
2. Implement strict user account controls and monitor for unusual privilege escalations or access patterns.
3. Employ application whitelisting and endpoint detection to identify suspicious activities related to BoostFS components.
4. Regularly audit system permissions and configurations to ensure privilege assignments adhere to the principle of least privilege.
5. Maintain up-to-date backups isolated from the affected systems to enable recovery if compromise occurs.
6. Monitor Dell’s security advisories closely for official patches or updates and apply them promptly once released.
7. Consider deploying host-based intrusion prevention systems (HIPS) to detect and block attempts to exploit privilege assignment flaws.
8. Educate local users about the risks of social engineering or actions requiring user interaction that could facilitate exploitation.
9. Use Linux security modules (e.g., SELinux or AppArmor) to enforce additional access controls around BoostFS processes and files.
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, France, Japan, Netherlands, India, South Korea
Technical Details
- Data Version: 5.1
- Assigner Short Name: dell
- Date Reserved: 2025-04-19T05:03:41.170Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68e55537a677756fc99a772b
Added to database: 10/7/2025, 6:00:23 PM
Last enriched: 2/27/2026, 2:27:36 AM
Last updated: 3/23/2026, 10:50:41 AM