Dell iDRAC Service Module Incorrect Permission Assignment Vulnerability Allowing Code Execution

Vulnerability

Dell iDRAC Service Module (iSM) versions prior to 6.0.3.0 contain a vulnerability caused by incorrect permission assignments for critical resources. A low-privileged attacker with local access could potentially exploit it to execute code on the affected system.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution on the affected system.

Remediation

Upgrade to Dell iDRAC Service Module version 6.0.3.0 or later. The update is available as Dell iDRAC Service Module for Windows, v6.0.3.0.
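To find Windows hosts that still need this update, the following added example (not from Dell or from the original page) reads the installed-program records and compares the recorded version with 6.0.3.0. It assumes the product's DisplayName contains "iDRAC Service Module"; that name and the function name Get-IsmPatchStatus are illustrative and do not come from the page.

```powershell
# Added example: flag iDRAC Service Module installs older than 6.0.3.0.
# Assumption: the product's DisplayName in the Uninstall registry keys contains
# "iDRAC Service Module"; change $NamePattern if your inventory shows another name.
$FixedVersion = [version]'6.0.3.0'
$NamePattern  = '*iDRAC Service Module*'

# Standard Windows installed-program records (64-bit and 32-bit registry views).
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-IsmPatchStatus {
    param(
        [string]$Pattern = $NamePattern,
        [version]$MinimumVersion = $FixedVersion
    )
    $entries = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $Pattern }

    foreach ($entry in $entries) {
        $parsed = $null
        # TryParse returns $false instead of throwing on a missing or malformed version.
        if (-not [version]::TryParse([string]$entry.DisplayVersion, [ref]$parsed)) {
            $status = 'UNKNOWN (version not parseable, check manually)'
        }
        else {
            # A three-part version such as 6.0.3 has Revision = -1 and would sort
            # below 6.0.3.0, so pad missing parts with 0 before comparing.
            $norm = [version]::new($parsed.Major, $parsed.Minor,
                [Math]::Max($parsed.Build, 0), [Math]::Max($parsed.Revision, 0))
            if ($norm -lt $MinimumVersion) { $status = 'VULNERABLE (upgrade to 6.0.3.0 or later)' }
            else { $status = 'PATCHED' }
        }
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $entry.DisplayName
            Version  = $entry.DisplayVersion
            Status   = $status
        }
    }
}

$result = @(Get-IsmPatchStatus)
if ($result.Count -eq 0) { Write-Output 'iDRAC Service Module not found in installed programs.' }
else { $result | Format-Table -AutoSize }
```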

Added: Aug 21, 2025, 7:18 PM
Updated: Aug 21, 2025, 7:18 PM

Vulnerability Rating

Custom Algorithm

spread:         6.6
impact:         7.5
exploitability: 3.3
remediation:    7.7
relevance:      0.4
threat:         0.0
urgency:        2.9
incentive:      1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.