CVE-2025-38743
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-21
Last updated on: 2025-09-03
Assigner: Dell
Description
Description
Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | emc_idrac_service_module | to 6.0.3.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-805 | The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Dell iDRAC Service Module (iSM) versions prior to 6.0.3.0 and is a Buffer Access with Incorrect Length Value issue. It allows a low privileged attacker with local access to potentially exploit the flaw, which can lead to code execution and elevation of privileges.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker with low privileges and local access to execute arbitrary code and elevate their privileges on the affected system, potentially compromising system integrity, confidentiality, and availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70