CVE-2024-25951

Name of the Vulnerable Software and Affected Versions Dell Integrated Remote Access Controller 8 (iDRAC8) (affected versions not specified)

Description A command injection vulnerability exists in local RACADM, which is related to incorrect input validation. This issue can be exploited by a malicious authenticated user to gain control of the underlying operating system. The vulnerability allows a remote attacker to potentially take control of the system.

Recommendations As a temporary workaround, consider disabling the local RACADM until a patch is available. Restrict access to the local RACADM to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.