DSA-2025-371: Security Update for Dell PowerEdge T40 Mini Tower Server for 2025.3 IPU, Intel Chipset and UEFI Firmware Vulnerabilities

Summary: Dell PowerEdge T40 Mini Tower Server remediation is available for 2025.3 IPU, Intel Chipset and UEFI Firmware vulnerabilities that could be exploited by malicious users to compromise the affected systems. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

High

Details

Third-party Component

CVEs

More Information

2025.3 IPU, Intel Chipset Firmware

CVE-2025-20037, CVE-2025-20067, CVE-2025-22392

INTEL-SA-01280This hyperlink is taking you to a website outside of Dell Technologies.

UEFI Reference Firmware

CVE-2025-20064

INTEL-SA-01234This hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-20037, CVE-2025-20067, CVE-2025-22392

PowerEdge T40

BIOS

Versions prior to 1.21.0

Version 1.21.0 or later

https://www.dell.com/support/home/product-support/product/poweredge-t40/drivers

CVE-2025-20064

PowerEdge T40

BIOS

Versions prior to 1.20.0

Version 1.20.0 or later

https://www.dell.com/support/home/product-support/product/poweredge-t40/drivers

 

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-20037, CVE-2025-20067, CVE-2025-22392

PowerEdge T40

BIOS

Versions prior to 1.21.0

Version 1.21.0 or later

https://www.dell.com/support/home/product-support/product/poweredge-t40/drivers

CVE-2025-20064

PowerEdge T40

BIOS

Versions prior to 1.20.0

Version 1.20.0 or later

https://www.dell.com/support/home/product-support/product/poweredge-t40/drivers

 

Revision History

Revision

Date

Description

1.0

2025-10-15

Initial release

2.0

2026-03-10
  • Added INTEL-SA-01234 under "THIRD-PARTY COMPONENTS" Table.
  • Updated the “Title” and “CVE ID” to add reference for INTEL-SA-01234.
  • Updated the "AFFECTED PRODUCTS AND REMEDIATION" table.

 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerEdge T40
Article Properties
Article Number: 000379613
Article Type: Dell Security Advisory
Last Modified: 10 Mar 2026
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.