Stack Buffer Overflow Vulnerability in Dell iDRAC 8 and 9 Devices
CVE-2021-36301

5.9MEDIUM

Key Information:

Vendor: Dell
Status: Integrated Dell Remote Access Controller (idrac)
Vendor: CVE Published:; 23 November 2021

Summary

Dell iDRAC 8 and iDRAC 9 have a security flaw that allows an authenticated remote attacker to exploit a Stack Buffer Overflow in the Racadm utility. This vulnerability could lead to unauthorized control over process execution, enabling the attacker to access the host operating system. Users with affected devices should update to the latest versions to mitigate potential risks.

Affected Version(s)

Integrated Dell Remote Access Controller (iDRAC) < 4.40.40.00

References

https://support.emc.com/kb/000191229

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 23, 2021
Vulnerability Reserved
Jul 8, 2021