CNNVD-202508-2575 Information

Aug 21, 2025 cve

CNNVD ID

CNNVD-202508-2575

CVE-2025-38742

CNNVD Published: 2025-08-21

Description (Chinese)

Dell iDRAC Service Module是美国戴尔（Dell）公司的一个轻量级的软件模块，设计用于在Dell PowerEdge服务器上运行，以增强iDRAC（Integrated Dell Remote Access Controller）的功能。 Dell iDRAC Service Module 6.0.3.0之前版本存在安全漏洞，该漏洞源于关键资源权限分配不当，可能导致代码执行。

Description (English)

Dell iDRAC Service Modele, a lightweight software module of Dell Inc., was designed to operate on the Dell PowerEdge server to enhance the iDRAC (Integraded Dell Remote Access Consortium). There was a security loophole in the pre-Dell iDRAC Service Mode 6.03.0 version, which stemmed from the misallocation of critical resource authority, which could lead to code implementation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

戴尔

Published

2025-08-21

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-us/000359617/dsa-2025-311-security-update-for-dell-idrac-service-module-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2025-38742

Patch

https://www.dell.com/support/kbdoc/en-us/000359617/dsa-2025-311-security-update-for-dell-idrac-service-module-vulnerabilities

Share on: