Dell has issued a security advisory warning customers of a critical-severity vulnerability affecting Dell Data Lakehouse versions prior to 1.6.0.0. Tracked as CVE-2025-46608 and assigned a CVSS score of 9.1, the flaw allows a high-privileged remote attacker to elevate privileges and potentially gain unauthorized control over sensitive data and system resources.
According to Dell’s advisory:
“Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.”
Dell stresses the seriousness of the issue, noting that the vulnerability is considered Critical because it can grant unauthorized administrative access:
“This vulnerability is considered Critical, as it may result in unauthorized access with elevated privileges, compromising system integrity and customer data.”
The vulnerability impacts all Data Lakehouse installations prior to version 1.6.0.0. Dell advises all customers to update as soon as possible:
| Product | Affected Versions | Remediated Version |
|---|---|---|
| Dell Data Lakehouse | Versions prior to 1.6.0.0 | Version 1.6.0.0 or later |
Because Data Lakehouse environments typically handle large-scale analytics workloads and sensitive enterprise datasets, failing to patch this flaw may leave organizations exposed to significant operational and reputational risk.
Dell asks affected customers to contact technical support and reference advisory DSA-2025-375 for remediation guidance.