CVE-2022-34436

Name of the Vulnerable Software and Affected Versions Dell iDRAC8 versions 2.83.83.83 and prior

Description The issue is related to an improper input validation in Racadm when the firmware lock-down configuration is set, allowing a remote high privileged attacker to bypass this configuration and perform a firmware update.

Recommendations For Dell iDRAC8 versions 2.83.83.83 and prior, as a temporary workaround, consider restricting access to the Racadm interface until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.