DSA-2025-123: Security Update for Dell Chassis Management Controller Firmware for Dell PowerEdge FX2 and VRTX Vulnerabilities
Summary: Dell PowerEdge Chassis Management Controller (CMC) remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Critical
Details
|
Third-party Component |
CVEs |
More Information |
|
net-snmpd |
CVE-2018-18065, |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2025-26336 |
Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. |
8.3 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2025-26336 |
Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. |
8.3 |
Affected Products & Remediation
|
CVEs Addressed |
Product |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2018-18065, CVE-2018-1000116, CVE-2025-26336 |
Dell Chassis Management Controller (CMC) for Dell PowerEdge FX2 |
Versions prior to 2.40.200.202101130302 |
Version 2.41.200.202503050519 or later |
|
|
CVE-2018-18065, CVE-2018-1000116, CVE-2025-26336 |
Dell Chassis Management Controller (CMC) for PowerEdge VRTX |
Versions prior to 3.41.200.202209300499 |
Version 3.42.200.202503050519 or later
|
|
CVEs Addressed |
Product |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2018-18065, CVE-2018-1000116, CVE-2025-26336 |
Dell Chassis Management Controller (CMC) for Dell PowerEdge FX2 |
Versions prior to 2.40.200.202101130302 |
Version 2.41.200.202503050519 or later |
|
|
CVE-2018-18065, CVE-2018-1000116, CVE-2025-26336 |
Dell Chassis Management Controller (CMC) for PowerEdge VRTX |
Versions prior to 3.41.200.202209300499 |
Version 3.42.200.202503050519 or later
|
Revision History
|
Revision |
Date |
Description |
|
1.0 |
2025-03-20 |
Initial Release |
Acknowledgements
Dell would like to thank Aliz Hammond of watchTowr for reporting these issues.
Related Information
Legal Disclaimer
Affected Products
Dell Chassis Management Controller Version 1.32 for Dell PowerEdge FX2, Dell Chassis Management Controller Version 1.40 for Dell PowerEdge FX2, Dell Chassis Management Controller Version 1.41 for Dell PowerEdge FX2
, Dell Chassis Management Controller Version 1.42 for Dell PowerEdge FX2, Dell Chassis Management Controller Version 2.0 for Dell PowerEdge FX2, Dell Chassis Management Controller Version 2.10 For Dell PowerEdge FX2, Dell Chassis Management Controller Version 2.11 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 2.12 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 2.20 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 2.20 For Dell PowerEdge FX2, Dell Chassis Management Controller Version 2.21 For Dell PowerEdge FX2, Dell Chassis Management Controller Version 2.22 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 2.23 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 2.30 For Dell PowerEdge FX2, Dell Chassis Management Controller Version 3.0 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 3.10 For Dell PowerEdge VRTX, Dell Chassis Management Controller Version 3.20 For Dell PowerEdge VRTX, Dell Chassis Management Controller Version 3.21 For Dell PowerEdge VRTX, Dell Chassis Management Controller Version 3.30 For Dell PowerEdge VRTX, Dell Chassis Management Controller Version 1.0 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 1.20 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 1.25 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 1.30 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 1.35 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 1.10 for Dell PowerEdge FX2, Dell Chassis Management Controller Version 1.20 for Dell PowerEdge FX2, Dell Chassis Management Controller Version 1.30 for Dell PowerEdge FX2, Dell Chassis Management Controller Version 2.0 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 2.0.1 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 2.0.3 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 2.04 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 2.10 for Dell PowerEdge VRTX, Dell Chassis Management Controller Version 1.36 for Dell PowerEdge VRTX
...
Article Properties
Article Number: 000297463
Article Type: Dell Security Advisory
Last Modified: 20 Mar 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.