Memory Access Vulnerability in Dell PowerEdge Platform BIOS
CVE-2025-36581

3.8LOW

Key Information:

Vendor: Dell
Status: Poweredge
Vendor: CVE Published:; 14 August 2025

What is CVE-2025-36581?

The Dell PowerEdge Platform, specifically version 14G AMD BIOS prior to v1.25.0, contains a vulnerability that allows low privileged attackers with local access to exploit memory outside the intended buffer limits. This could lead to unauthorized information exposure, posing a security risk to systems reliant on this BIOS version. Users are recommended to apply the latest updates to mitigate this risk.

Affected Version(s)

PowerEdge < 1.26.0

References

https://www.dell.com/support/kbdoc/en-us/000356405/dsa-20...

vendor-advisory

CVSS V3.1

Score:

3.8

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2025
Vulnerability Reserved
Apr 15, 2025

Credit

Dell would like to thank codebreaker1337 for reporting this issue