PT-2024-5578 · Dell · Dell Idrac Service Module

Published

2024-07-31

Updated

2024-08-02

CVE-2024-25948

CVSS v2.0

5.2

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions Dell iDRAC Service Module versions 5.3.0.0 and prior

Description The issue is related to an out of bounds write vulnerability in the integrated Dell iDRAC Service Module. This could allow an attacker to execute arbitrary code or cause a denial of service. A privileged local attacker may exploit this issue, potentially resulting in a denial of service event.

Recommendations For Dell iDRAC Service Module versions 5.3.0.0 and prior, update to a version that contains a fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2024-06263

CVE-2024-25948

Affected Products

Dell Idrac Service Module

PT-2024-5578 · Dell · Dell Idrac Service Module

CVE-2024-25948

Weakness Enumeration

Related Identifiers

Affected Products

References · 7