Dell EMC iDRAC memory corruption Vulnerability



Posted on 2020-04-01 by Peter Bassill in category Penetration Testing.




A critical vulnerability has been identified in Dell EMC iDRAC7, iDRAC8 and iDRAC9.


The affected processing has not been disclosed. Manipulation with an unknown input can lead to stack-based memory corruption.


The weakness is classified as CWE-121 (stack-based buffer overflow).


The vulnerability was disclosed on the 31st of March 2020 and is identified as CVE-2020-5344.


As of the 1st of April 2020, the attack can be launched remotely, and no form of authentication is required for exploitation.


Whilst full technical details are not yet publicly available, we invite you to search for CVEs.


Upgrading to version 2.65.65.65, 2.70.70.70 or 4.00.00.00 will eliminate this vulnerability.


If you would like some help or advice with this CVE or with vulnerability management, please feel free to contact our team at any time.

