CVE Vulnerabilities

CVE-2025-38747

Creation of Temporary File With Insecure Permissions

Published: Aug 06, 2025 | Modified: Aug 18, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File With Insecure Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to Elevation of Privileges.

Weakness

Opening temporary files without appropriate measures or controls can leave the file, its contents and any function that it impacts vulnerable to attack.

Affected Software

Name Vendor Start Version End Version
Supportassist_os_recovery Dell * 5.5.14.0 (excluding)

Potential Mitigations

References