PT-2020-6820 · Dell EMC · iDRAC7, iDRAC8, iDRAC9

Published: 2020-03-31 · Updated: 2020-04-03 · CVE-2020-5344

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Dell EMC iDRAC7 versions prior to 2.65.65.65
Dell EMC iDRAC8 versions prior to 2.70.70.70
Dell EMC iDRAC9 versions prior to 4.00.00.00

Description

The issue is caused by a stack-based buffer overflow. An unauthenticated remote attacker may exploit this to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.

Recommendations

For Dell EMC iDRAC7 versions prior to 2.65.65.65, update to version 2.65.65.65 or later.
For Dell EMC iDRAC8 versions prior to 2.70.70.70, update to version 2.70.70.70 or later.
For Dell EMC iDRAC9 versions prior to 4.00.00.00, update to version 4.00.00.00 or later.

Fix

Memory Corruption

Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2022-07410
CVE-2020-5344

Affected Products

iDRAC7
iDRAC8
iDRAC9