Dell Storage Manager Multiple Vulnerabilities Allow Remote Exploitation
Category:Vulnerabilities / Dell
Tenable researchers have disclosed critical vulnerabilities in Dell Storage Manager (DSM), including CVE-2025-43995 (authentication bypass) and CVE-2025-43994 (DoS). Attackers can exploit the ApiProxy.war endpoint to change user passwords without authentication, or fill disk space remotely using unauthenticated API calls, leading to service disruption.
CORTEX Protocol Intelligence Assessment
Business Impact: Remote exploitation can result in unauthorized account changes and system downtime. Technical Context: Exploits leverage hardcoded session keys and SOAP-based API endpoints to bypass authentication.
Strategic Intelligence Guidance
- Immediately apply Dell-provided DSM security patches.
- Restrict SOAP endpoint access to internal networks only.
- Monitor for abnormal SOAP API traffic from unknown hosts.
- Audit DSM configurations for default or test accounts.
CVEs
Vendors
Targets
Intelligence Source: Dell Storage Manager Multiple Vulnerabilities - Research Advisory | Tenable® | Oct 25, 2025