A high-severity vulnerability has been identified in Dell Unity storage platforms, which could allow a low-privileged attacker to gain unauthorized access to sensitive data. Successful exploitation could lead to a breach of data confidentiality and integrity on critical storage systems. Organizations are strongly advised to apply the vendor-provided security patches immediately to mitigate the risk of data exposure and system compromise.

The vulnerability is an improper privilege management flaw within the Dell Unity management API. An authenticated attacker with low-level privileges can craft a malicious API request to an improperly secured endpoint. This allows the attacker to escalate their privileges to an administrative level, granting them the ability to read, modify, or exfiltrate sensitive data stored on the Unity array. Exploitation is performed over the network, requires valid but low-level user credentials, and does not require any interaction from another user.

This vulnerability is rated as High severity with a CVSS score of 7.3. Dell Unity systems are central to enterprise data storage, often hosting business-critical applications, databases, and sensitive files. A successful exploit could lead to significant business consequences, including a major data breach, unauthorized modification of critical company data, and reputational damage. The exposure of sensitive customer or corporate information could also result in regulatory fines and legal action for non-compliance with data protection standards like GDPR or HIPAA.

Immediate Action: Apply the security updates provided by Dell immediately across all affected Dell Unity systems. Before deployment in production, organizations should follow standard change management processes, including testing the patch in a non-production environment where possible. After patching, review system access logs for any signs of unauthorized or suspicious activity preceding the update.

Proactive Monitoring: Security teams should configure and monitor logs from Dell Unity systems for anomalous activity. Specifically, look for unusual API calls from low-privileged user accounts, multiple failed login attempts followed by a successful login from an unexpected IP address, and any unauthorized configuration changes or data access events. Monitor network traffic to and from the storage management interface for patterns indicative of data exfiltration.

Compensating Controls: If immediate patching is not feasible, implement the following compensating controls to reduce the risk of exploitation:

• Restrict network access to the Dell Unity management interface to a limited set of trusted administrative workstations.
• Review all user accounts on the Dell Unity systems and disable or remove any that are not essential.
• Enforce multi-factor authentication (MFA) for all administrative access to the management interface.
• Increase the level of logging and alerting for all authenticated activity on the platform.

Public Exploit Available: false

Given the high severity (CVSS 7.3) of this vulnerability and its impact on critical data storage infrastructure, we recommend that organizations treat this as a top priority. Although CVE-2025-36604 is not currently on the CISA KEV list, its potential for data exfiltration and privilege escalation warrants immediate action. Organizations should adhere to their critical vulnerability patching policy and apply the vendor-supplied patch within the next 7 days. If patching is delayed, the compensating controls listed above must be implemented and verified without delay.