Multiple vulnerabilities in Dell iDRAC9 and iDRAC8
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2022-34435 CVE-2022-34436 |
| CWE-ID | CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
iDRAC9 Web applications / Remote management & hosting panels iDRAC8 Web applications / Remote management & hosting panels |
| Vendor | Dell |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU75574
Risk: Medium
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-34435
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input in Racadm when the firmware lock-down configuration is set. A remote privileged user can bypass the firmware lock-down configuration and perform a firmware update.
MitigationInstall updates from vendor's website.
Vulnerable software versionsiDRAC9: 5.00.00.00 - 6.00.02.00
CPE2.3- cpe:2.3:a:dell:idrac9:5.00.00.00:*:*:*:*:*:*:*
- cpe:2.3:a:dell:idrac9:5.00.10.00:*:*:*:*:*:*:*
- cpe:2.3:a:dell:idrac9:5.00.10.20:*:*:*:*:*:*:*
https://www.dell.com/support/kbdoc/000205346
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU75575
Risk: Medium
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-34436
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input in Racadm when the firmware lock-down configuration is set. A remote privileged user can bypass the firmware lock-down configuration and perform a firmware update.
MitigationInstall updates from vendor's website.
Vulnerable software versionsiDRAC8: before 2.84.84.84
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
