DSA-2025-169: Security Update for Dell iDRAC Tools Vulnerabilities

Summary: Dell iDRAC Tools remediation is available for an Improper Access Control vulnerability that could be exploited by malicious users to compromise the affected system.


Impact

High

Details

Proprietary Code CVEs: CVE-2025-27689

Description: Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

CVSS Base Score: 7.8

CVSS Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product: Dell iDRAC Tools

Affected Versions: Versions prior to 11.3.0.0

Remediated Versions: Version 11.3.0.0 or later

Link: Customers can download the SWB images from Dell Digital Lockers

Caution:
  • For full remediation, customers must upgrade to Dell iDRAC Tools Version 11.3.0.0 or later and the correct Windows Server 2025 version.
  • It is recommended customers leverage the SWB image from the Dell Digital locker (How to Access Your Dell Digital Locker) which includes the remediated Dell iDRAC Tools version and the appropriate Windows Server 2025 version.
  • Windows 2025 Server versions listed below:
    • V51N7 - Windows Server 2025 Standard
    • JT4MH - Windows Server 2025 Datacenter
    • G5F67 - Windows Server 2025 Essentials

Revision History

Revision: 1.0

Date: 2025-06-12

Description: Initial Release

Acknowledgements

Dell would like to thank “falconCorrup” for reporting this issue.

Related Information

Affected Products

iDRAC9 - 3.0x Series, iDRAC9 - 3.1x Series, iDRAC9 - 3.2x Series, iDRAC9 - 3.3x Series, iDRAC9 - 3.4x Series, iDRAC9 - 4.xx Series, iDRAC9 - 5.xx Series, iDRAC9 - 6.xx Series, iDRAC9 - 7.xx Series, OEMR XL R670, OEMR R6515, OEMR XL R660, OEMR R7515 , OEMR R7525, OEMR XL R760, OEMR XL R660xs, OEMR XL R6615, OEMR XL R6625, OEMR XL R6715, OEMR XL R6725, OEMR XL R760xs, OEMR XL R7615, OEMR XL R7625, OEMR XL R7715, Precision 7960 XL Rack, Poweredge C4140, PowerEdge C6400, PowerEdge C6420, PowerEdge C6520, PowerEdge C6525, PowerEdge C6600, PowerEdge C6615, PowerEdge C6620, PowerEdge FC640, PowerEdge HS5610, PowerEdge HS5620, PowerEdge M640, PowerEdge M640 (for PE VRTX), PowerEdge MX5016s, PowerEdge MX7000, PowerEdge MX740C, PowerEdge MX750c, PowerEdge MX760c, PowerEdge MX840C, PowerEdge R240, PowerEdge R260, PowerEdge R340, PowerEdge R360, PowerEdge R440, PowerEdge R450, PowerEdge R470, PowerEdge R540, PowerEdge R550, PowerEdge R570, PowerEdge R640, PowerEdge R6415, PowerEdge R650, PowerEdge R6515, PowerEdge R6525, PowerEdge R660, PowerEdge R660xs, PowerEdge R6615, PowerEdge R6625, PowerEdge R670, PowerEdge R6715, PowerEdge R740, PowerEdge R740XD, PowerEdge R740XD2, PowerEdge R7415, PowerEdge R7425, PowerEdge R750, PowerEdge R750XA, PowerEdge R7515, PowerEdge R7525, PowerEdge R760, PowerEdge R760XA, PowerEdge R760xd2, PowerEdge R760xs, PowerEdge R7615, PowerEdge R7625, PowerEdge R770, PowerEdge R840, PowerEdge R860, PowerEdge R940, PowerEdge R940xa, PowerEdge R960, PowerEdge T140, PowerEdge T160, PowerEdge T340, PowerEdge T360, PowerEdge T440, PowerEdge T560, PowerEdge T640, PowerEdge XE8640, PowerEdge XE9640, PowerEdge XE9680, PowerEdge XR11, PowerEdge XR12, PowerEdge XR5610, PowerEdge XR7620, PowerEdge XR8610t, PowerEdge XR8620t, Precision 7960 Rack, Dell EMC vSAN C6420 Ready Node, Dell EMC vSAN MX740c Ready Node, Dell EMC vSAN MX750c Ready Node, Dell vSAN Ready Node MX760c, Dell EMC vSAN R440 Ready Node, Dell EMC vSAN R640 Ready Node, Dell EMC vSAN R6415 Ready Node, 
Dell EMC vSAN R650 Ready Node, Dell EMC vSAN R6515 Ready Node, vSAN Ready Node R660, Dell vSAN R6615 Ready Node, Dell EMC vSAN R740 Ready Node, Dell EMC vSAN R740xd Ready Node, Dell EMC vSAN R750 Ready Node, Dell EMC vSAN R7515 Ready Node, Dell EMC vSAN R760 Ready Node, Dell vSAN R7615 Ready Node, Dell vSAN Ready Node R7625, Dell EMC vSAN R840 Ready Node ...
Article Properties
Article Number: 000323242
Article Type: Dell Security Advisory
Last Modified: 12 Jun 2025