Dell iDRAC Service Module Buffer Access Vulnerability Leading to Code Execution and Privilege Escalation

Vulnerability

Dell iDRAC Service Module (iSM) versions prior to 6.0.3.0 contain a buffer access vulnerability with an incorrect length value (the wording CWE-805 uses for this weakness class). A low-privileged attacker with local access to the host on which iSM is installed could exploit it to execute code and elevate privileges.

Impact

Successful exploitation gives a local, low-privileged user code execution with elevated privileges on the host running iSM. Because the attacker needs local access, this is a local privilege escalation rather than a remote attack: it matters most on servers where untrusted users or compromised services already have a foothold.

Remediation

Upgrade to Dell iDRAC Service Module version 6.0.3.0 or later. The updated version is available through the Dell iDRAC Service Module for Windows driver details page. Since iSM is a host-OS agent packaged separately from the iDRAC firmware, verify the installed iSM version on each host rather than assuming an iDRAC update covers it.
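The check a practitioner wants after reading the remediation is a fleet-wide comparison of installed iSM versions against 6.0.3.0. The script below is an added example written for this page, not Dell's or the advisory's own code; it assumes an inventory of (hostname, version string) pairs from whatever asset export you have (the hosts and version strings here are constructed) and that the version string may carry a "v" prefix or a build suffix. The point it demonstrates is that versions must be compared component-wise as integers: a plain string comparison ranks "6.0.10.0" below "6.0.3.0" and would mark a patched host as unpatched, or miss the opposite error.

```python
"""Version triage for Dell iDRAC Service Module (iSM) hosts.

Added example, not Dell's code. Compares installed iSM versions against the
first fixed release named in the advisory (6.0.3.0) using numeric
component-wise comparison.
"""
import re
from typing import Iterable, List, Tuple

FIXED_VERSION = "6.0.3.0"  # first fixed release per the advisory


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn a dotted version string into a tuple of ints.

    Accepts an optional leading 'v' and ignores a build suffix such as
    '-build77' (assumed inventory formats, not something Dell specifies).
    Trailing zero components are dropped so that 6.0.3 == 6.0.3.0.
    """
    match = re.match(r"v?(\d+(?:\.\d+)*)", text.strip(), re.IGNORECASE)
    if not match:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in match.group(1).split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed iSM version is older than the fixed version."""
    return parse_version(installed) < parse_version(fixed)


def triage(inventory: Iterable[Tuple[str, str]]) -> List[str]:
    """Return the hostnames (sorted) that still run an affected iSM build."""
    return sorted(host for host, ver in inventory if is_affected(ver))


# Constructed sample inventory for the example; not real hosts.
SAMPLE_INVENTORY = [
    ("r750-01", "5.3.0.0"),
    ("r750-02", "6.0.2.0"),
    ("r760-01", "6.0.3.0"),
    ("r760-02", "6.0.10.0"),          # string comparison would misjudge this
    ("r660-01", "v6.0.1.0-build77"),  # prefixed/suffixed inventory format
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: upgrade iSM to {FIXED_VERSION} or later")
```

On Windows hosts the version string to feed into this check is the one the iSM installer records for its entry under the Uninstall registry keys (or shown in Programs and Features); where that entry lives and how it is named is an assumption to confirm against your own hosts, and the script deliberately takes the version as plain input so it works with any inventory source.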

Added: Aug 21, 2025, 7:17 PM
Updated: Aug 21, 2025, 7:17 PM

Vulnerability Rating

Custom Algorithm
spread: 6.6
impact: 7.5
exploitability: 3.3
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.