Main Vulnerability Database Vulnerabilities #VU112091

#VU112091 Algorithm downgrade in NetWorker Management Console and NetWorker - CVE-2025-36582

Published: July 1, 2025

Vulnerability identifier: #VU112091

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2025-36582

CWE-ID: CWE-757

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
NetWorker Management Console
NetWorker

Software vendor:
Dell

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error when selecting encryption algorithms, which allows a less secure algorithm ti be selected during negotiation. A remote attacker with ability to intercept traffic can perform MitM attack.

Remediation

Install updates from vendor's website.

External links

https://www.dell.com/support/kbdoc/nl-nl/000338757/dsa-2025-268-security-update-for-dell-networker-selection-of-less-secure-algorithm-during-negotiation-vulnerability

#VU112091 Algorithm downgrade in NetWorker Management Console and NetWorker - CVE-2025-36582

Description

Remediation

External links

Please verify you're human