Dell update package framework threatens system security

Dell's update packages jeopardize system security: Due to a vulnerability in Dell's Update Package Framework, malicious actors can extend their rights. This allows them to completely compromise affected systems.

Dell discusses the problem in a support article. “Users with low local privileges can abuse the vulnerability, which can lead to the execution of arbitrary scripts from the network on the server. Abuse could lead to a denial of service by an attacker,” the company also writes (CVE-2025-22395, CVSS 8.2, risk “high”).

Details of the vulnerability unclear

Dell does not describe how exactly the vulnerability can be exploited and how (successful) attacks can be detected. However, the IT experts explain that they recommend users not to use the extract option under Windows operating systems if the update package version is lower than 22.01.02 – it is apparently meant to be used by starting with a double click. For unpacking older files, the extract option on the command line should be used if necessary.

To find out the version number of Dell's update packages, right-click on the file in File Explorer and select “Properties”. The file version you are looking for can then be found in the “Details” tab, explains the company.

Dell's Update Package Framework is used to create executable files that contain updates for individual software elements on Dell systems, explains Dell in another support article. The generated Dell update packages can contain updates for the system BIOS, system firmware or device drivers, for example. This should allow components of many systems to be quickly and easily updated to the same versions.

In mid-December, Dell recently had to release numerous updates for software on its devices. In some cases, high-risk security vulnerabilities were found in device drivers for memory card readers or in sound drivers for several Dell laptop series.

(dmk)