7.8
CVE-2025-38743
- EPSS 0.14%
- Veröffentlicht 21.08.2025 18:46:41
- Zuletzt bearbeitet 03.09.2025 16:22:35
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Emc Idrac Service Module Version < 6.0.3.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.033 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security_alert@emc.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-805 Buffer Access with Incorrect Length Value
The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://www.dell.com/support/kbdoc/en-us/000359617/dsa-2025-311-security-update-for-dell-idrac-service-module-vulnerabilities