CNNVD-202508-2574 Information

Aug 21, 2025 cve

CNNVD ID

CNNVD-202508-2574

CVE-2025-38743

CNNVD Published: 2025-08-21

Description (Chinese)

Dell iDRAC Service Module是美国戴尔（Dell）公司的一个轻量级的软件模块，设计用于在Dell PowerEdge服务器上运行，以增强iDRAC（Integrated Dell Remote Access Controller）的功能。 Dell iDRAC Service Module 6.0.3.0之前版本存在安全漏洞，该漏洞源于缓冲区长度值错误，可能导致代码执行和权限提升。

Description (English)

Dell iDRAC Service Modele, a lightweight software module of Dell Inc., was designed to operate on the Dell PowerEdge server to enhance the iDRAC (Integraded Dell Remote Access Consortium). There was a security loophole in the pre-Dell iDRAC Service Mode.0.0.0, which stemmed from an error in the value of the buffer zone ’ s length, which could lead to code implementation and increased access.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

戴尔

Published

2025-08-21

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-us/000359617/dsa-2025-311-security-update-for-dell-idrac-service-module-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2025-38743

Patch

https://www.dell.com/support/kbdoc/en-us/000359617/dsa-2025-311-security-update-for-dell-idrac-service-module-vulnerabilities

Share on: