Dell PowerEdge Server and iDRAC9 Information Disclosure Vulnerability

Vulnerability

A vulnerability allowing information disclosure exists in the BIOS of Dell PowerEdge Servers and in all versions of Dell iDRAC9. This issue can be exploited by a high-privileged attacker with remote access.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure.

Remediation

Dell PowerEdge Server users should update to version 1.16.2 or later, while iDRAC9 users should upgrade to version 7.00.00.181 or 7.20.10.50 or later, depending on their current version.

Added: Sep 25, 2025, 9:48 PM
Updated: Sep 25, 2025, 9:48 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.5
exploitability: 4.4
remediation: 7.7
relevance: 0.6
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.