5.5
CVE-2025-36581
- EPSS 0.01%
- Veröffentlicht 14.08.2025 14:15:30
- Zuletzt bearbeitet 14.01.2026 17:55:12
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
LoginDell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Poweredge R6415 Firmware Version < 1.26.0
Dell ≫ Poweredge R7415 Firmware Version < 1.26.0
Dell ≫ Poweredge R7425 Firmware Version <= 1.26.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.02 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| security_alert@emc.com | 3.8 | 2 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-788 Access of Memory Location After End of Buffer
The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.