Dell Digital Delivery Insufficiently Protected Credentials Vulnerability (CVE-2025-3879) Security Update

Critical Vulnerability Information Vulnerability Overview Title: DSA-2025-302: Security Update for Dell Digital Delivery for an Insufficiently Protected Credentials Vulnerability Summary: Dell Digital Delivery versions prior to 5.6.1.0 contain an Insufficiently Protected Credentials vulnerability. A remote authenticated attacker could potentially exploit this vulnerability, leading to Information Disclosure. CVE Information CVE ID: CVE-2025-3879 CVSS Base Score: 7.2 CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Affected Products and Remediation Product: Dell Digital Delivery Affected Versions: Versions prior to 5.6.1.0 Fixed Versions: Version 5.6.1.0 or later Release Date: 07/28/2025 Link: How to Download and Install Dell Digital Delivery Revision History Version: 1.0 Date: 2025.07.31 Description: Initial Release Acknowledgments Reporter: l0p0d Legal Disclaimer Provides information and recommendations regarding the use of this security advisory, but does not offer any express or implied warranties.

Goal Reached Thanks to every supporter — we hit 100%!

Dell Digital Delivery Insufficiently Protected Credentials Vulnerability (CVE-2025-3879) Security Update