Overview
Dell has released updates to fix vulnerabilities in their products. Users of affected versions are advised to update to the latest version.
Affected Products
CVE-2024-25943
- iDRAC9 Generation 14: ~ 7.00.00.172 (excluded)
- iDRAC9 Generation 15 and 16: ~ 7.10.50.00 (excluded)
Resolved Vulnerabilities
Session hijacking vulnerability that could allow arbitrary code execution (CVE-2024-25943)
Vulnerability Patches
Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
CVE-2024-25943
- iDRAC9 Generation 14: version 7.00.00.172 or later
- iDRAC9 Generation 15, 16: version 7.10.50.00 or later
Referenced Sites
[1] CVE-2024-25943 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-25943
[2] DSA-2024-099: Security Update for Dell iDRAC9 IPMI session Vulnerability
Article Link: Dell Product Security Update Advisory (CVE-2024-25943) – ASEC