Critical Flaws in Dell Storage Manager

Dell Technologies has disclosed multiple high-severity vulnerabilities in its Storage Manager (DSM) software, affecting DSM 20.1.21 and earlier. The flaws are an authentication bypass, a missing-authentication issue and an XML external entity (XXE) weakness; together they expose storage environments to full compromise if left unpatched.

Vulnerability Highlights
  • CVE-2025-43995 (CVSS 9.8) – Improper authentication in the DSM Data Collector component. An unauthenticated attacker with network access can reach exposed APIs, bypass login and execute privileged operations.
  • CVE-2025-43994 (CVSS 8.6) – Missing authentication for a critical function. An attacker can trigger information disclosure and map internal storage configurations.
  • CVE-2025-46425 (CVSS 6.5) – Improper restriction of XML external entity references (XXE), reported against DSM version 20.1.20. Crafted XML submitted to DSM can disclose local files or, depending on the entity target, drive server-side request forgery (SSRF).

The two authentication flaws are exploitable remotely without privileges or user interaction, which is what drives their 9.8 and 8.6 scores; the XXE issue requires the attacker to get crafted XML in front of DSM's parser. Together they represent a serious risk to storage infrastructures.

Impact Across Industries
Storage systems are foundational to business operations, so these flaws carry implications across every sector:
  • Financial Services & FinTech – compromise of storage arrays handling transaction logs or client records can lead to data theft, fraud or compliance violations.
  • Healthcare – storage of patient images, EHR systems or research data may be exposed or manipulated.
  • Retail – warehouse, inventory and logistics systems can be disrupted if the storage behind them is manipulated.
  • Manufacturing & Industrial – storage infrastructure backing SCADA, firmware revision control or industrial datasets may become entry points for attacks.
  • Government & Public Sector – critical data, backup systems, and storage environments could be weaponized for espionage or sabotage.
Recommended Immediate Actions
  1. Patch Immediately – Upgrade to DSM 2020 R1.22 or later; every release up to and including 20.1.21 carries the disclosed flaws.
  2. Restrict Network Access – Isolate DSM management interfaces; allow only trusted administrative networks and enforce strong segmentation.
  3. Enable Strong Authentication – Require MFA for all access to storage-management tools and monitor for suspicious session activity. Note that MFA on the login path does not help against a bypass of the login itself (CVE-2025-43995), so it complements patching rather than substituting for it.
  4. Monitor Logs & API Usage – Alert on unusual API calls and on use of internal UserIds/SessionKeys outside normal client flows, especially anything reaching the DataCollectorEar.ear component.
  5. Conduct Forensic Checks – Look for directory structures nobody created, sudden large disk-usage growth (consistent with abuse patterns for CVE-2025-43994) and unexpected outbound connections from storage systems.
  6. Harden XML/Parsing Configs – Disable DOCTYPE/DTD processing and external entity resolution in any XML parser that DSM or its integrations expose, and refuse documents that carry them rather than trying to sanitise them.
  7. Backup & Containment Plans – Keep offline, immutable backups of critical data and make sure incident response plans cover compromise of the storage-management plane, not just the hosts that use it.
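To make action 6 concrete, the following is an added example (not Dell's code, and not DSM's real request format or API) showing why an XXE flaw leaks files and what a hardened parser configuration looks like. It uses only Python's standard-library expat binding: parse_permissive honours SYSTEM identifiers the way XXE-vulnerable defaults in many XML libraries do, while parse_hardened refuses DOCTYPE declarations, entity declarations and external entity references outright. The request/user/op element names and the secret file are constructed for the demonstration.

```python
"""Added example (not Dell's code): how an XML external entity pulls a local
file into parsed output, and a parser configuration that refuses it.
Only Python's stdlib expat binding is used; the document shape is a
constructed stand-in, not DSM's actual request format."""
import os
import tempfile
import xml.parsers.expat as expat


class UnsafeXML(ValueError):
    """Raised by the hardened parser when a document carries a DTD or entity."""


# Constructed sample request; the element names are illustrative only.
BENIGN_REQUEST = (
    b'<?xml version="1.0"?>'
    b"<request><user>admin</user><op>listVolumes</op></request>"
)


def xxe_document(path: str) -> bytes:
    """Classic XXE payload: an external entity whose SYSTEM id is a local file."""
    return (
        b'<?xml version="1.0"?>\n'
        b'<!DOCTYPE request [<!ENTITY xxe SYSTEM "file://' + path.encode() + b'">]>\n'
        b"<request><user>&xxe;</user><op>listVolumes</op></request>"
    )


def _collect(parser):
    """Attach handlers that flatten element text into a dict; returns the dict."""
    result, stack = {}, []

    def start(name, attrs):
        stack.append(name)
        result.setdefault(name, "")

    def chars(text):
        if stack:
            result[stack[-1]] += text

    def end(name):
        stack.pop()

    parser.StartElementHandler = start
    parser.CharacterDataHandler = chars
    parser.EndElementHandler = end
    return result


def parse_permissive(data: bytes) -> dict:
    """Mimics a parser that resolves SYSTEM identifiers (the XXE-vulnerable
    default of many XML libraries): the referenced file's bytes are parsed as
    part of the document and land in the output under the enclosing element."""
    parser = expat.ParserCreate()
    result = _collect(parser)

    def resolve(context, base, system_id, public_id):
        path = system_id[len("file://"):] if system_id.startswith("file://") else system_id
        child = parser.ExternalEntityParserCreate(context)  # inherits the handlers above
        with open(path, "rb") as fh:
            child.Parse(fh.read(), True)
        return 1  # tell expat the entity was handled

    parser.ExternalEntityRefHandler = resolve
    parser.Parse(data, True)
    return result


def parse_hardened(data: bytes) -> dict:
    """Refuses DOCTYPE, entity declarations and external entity references,
    and never expands parameter entities. Raising inside an expat handler
    aborts the parse and surfaces UnsafeXML to the caller."""
    parser = expat.ParserCreate()
    result = _collect(parser)
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def reject_doctype(name, system_id, public_id, has_internal_subset):
        raise UnsafeXML("DOCTYPE declarations are not accepted")

    def reject_entity(*decl):
        raise UnsafeXML("entity declarations are not accepted")

    def reject_external(context, base, system_id, public_id):
        raise UnsafeXML("external entity reference to %r refused" % system_id)

    parser.StartDoctypeDeclHandler = reject_doctype
    parser.EntityDeclHandler = reject_entity
    parser.ExternalEntityRefHandler = reject_external
    parser.Parse(data, True)
    return result


def demo() -> tuple:
    """Run both parsers over a payload pointing at a throwaway secret file.
    Returns (what the permissive parser leaked, whether the hardened one blocked it)."""
    fd, path = tempfile.mkstemp()
    os.write(fd, b"secret-token-123")  # constructed stand-in for a sensitive file
    os.close(fd)
    try:
        leaked = parse_permissive(xxe_document(path))["user"]
        try:
            parse_hardened(xxe_document(path))
            blocked = False
        except UnsafeXML:
            blocked = True
    finally:
        os.unlink(path)
    return leaked, blocked


if __name__ == "__main__":
    print(demo())
```

The hardened variant rejects at the DOCTYPE rather than trying to filter individual entities, which also closes the door on entity-expansion denial of service and parameter-entity tricks; a service that has no legitimate need for DTDs loses nothing by refusing them. The same three knobs (no DTD, no entity declarations, no external resolution, plus parameter entities off) are what to look for in whatever parser a Java or .NET component actually uses.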
Conclusion
These defects reveal how storage management platforms, often trusted and less-scrutinised than servers, can become a high-impact attack vector. Because the risks span confidentiality, integrity and availability, the urgency is real. Organisations must treat storage-management software as part of the critical attack surface and act swiftly.
About COE Security
COE Security partners with organisations in financial services, healthcare, retail, manufacturing, and government to secure AI-powered systems and ensure compliance. Our offerings include:
  • AI-enhanced threat detection and real-time monitoring
  • Data governance aligned with GDPR, HIPAA, and PCI DSS
  • Secure model validation to guard against adversarial attacks
  • Customised training to embed AI security best practices
  • Penetration Testing (Mobile, Web, AI, Product, IoT, Network & Cloud)
  • Secure Software Development Consulting (SSDLC)
  • Customised CyberSecurity Services

In light of the DSM vulnerabilities, we also provide storage-infrastructure security assessments, API-call anomaly detection for storage platforms, forensic readiness for storage controller compromise, and network segmentation design for infrastructure isolation.

Follow COE Security on LinkedIn for ongoing insights into safe, compliant AI adoption and to stay updated and cyber safe.
