Details of VAR-202601-0741

ID

VAR-202601-0741

CVE

CVE-2025-46696

TITLE

Dell's secure connect gateway Unnecessary Privileged Execution Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2026-002684

DESCRIPTION

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2025-46696 // JVNDB: JVNDB-2026-002684

AFFECTED PRODUCTS

vendor:	dell	model:	secure connect gateway	scope:	lt	version:	5.32.00.00	Trust: 1.0
vendor:	dell	model:	secure connect gateway	scope:	gte	version:	5.26.00.00	Trust: 1.0
vendor:	デル	model:	secure connect gateway	scope:	-	version:	-	Trust: 0.8
vendor:	デル	model:	secure connect gateway	scope:	eq	version:	-	Trust: 0.8
vendor:	デル	model:	secure connect gateway	scope:	eq	version:	5.26.00.00 that's all 5.32.00.00	Trust: 0.8

sources: JVNDB: JVNDB-2026-002684 // NVD: CVE-2025-46696

CVSS

SEVERITY

CVSSV2

CVSSV3

security_alert@emc.com:	CVE-2025-46696
value:	MEDIUM
Trust: 1.0
nvd@nist.gov:	CVE-2025-46696
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2025-46696
value:	MEDIUM
Trust: 0.8

security_alert@emc.com:	CVE-2025-46696
baseSeverity:	MEDIUM
baseScore:	6.4
vectorString:	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.5
impactScore:	5.9
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2025-46696
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2025-46696
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-002684 // NVD: CVE-2025-46696 // NVD: CVE-2025-46696

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-250	Trust: 1.0
problemtype:	Execution with unnecessary privileges (CWE-250) [ others ]	Trust: 0.8
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-002684 // NVD: CVE-2025-46696

PATCH

title:

DSA-2025-390

url:

https://www.dell.com/support/kbdoc/en-us/000385230/dsa-2025-390-dell-secure-connect-gateway-security-update-for-multiple-vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2026-002684

EXTERNAL IDS

db:	NVD	id:	CVE-2025-46696	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-002684	Trust: 0.8

sources: JVNDB: JVNDB-2026-002684 // NVD: CVE-2025-46696

REFERENCES

url:	https://www.dell.com/support/kbdoc/en-us/000385230/dsa-2025-390-dell-secure-connect-gateway-security-update-for-multiple-vulnerabilities	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-46696	Trust: 0.8

sources: JVNDB: JVNDB-2026-002684 // NVD: CVE-2025-46696

SOURCES

db:	JVNDB	id:	JVNDB-2026-002684
db:	NVD	id:	CVE-2025-46696

LAST UPDATE DATE

2026-02-12T23:44:43.801000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-002684	date:	2026-02-05T06:46:00
db:	NVD	id:	CVE-2025-46696	date:	2026-02-03T16:57:35.983

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-002684	date:	2026-02-05T00:00:00
db:	NVD	id:	CVE-2025-46696	date:	2026-01-06T15:15:44.040