DSA-2025-169: Security Update for Dell iDRAC Tools Vulnerabilities

詳細記事

影響

詳細

影響を受ける製品と修復

変更履歴

確認

概要: Dell iDRAC Tools remediation is available for an Improper Access Control vulnerability that could be exploited by malicious users to compromise the affected system.

この記事は次に適用されます：この記事は次には適用されません：この記事は、特定の製品に関連付けられていません。すべての製品パージョンがこの記事に記載されているわけではありません。

他のリソースを確認する

影響

High

詳細

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2025-27689	Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2025-27689	Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

デル・テクノロジーズでは、すべてのお客様に対して、CVSSベーススコアに加えて、特定のセキュリティの脆弱性に付随する潜在的な重要度に影響する可能性のある現状スコアや環境スコアも考慮することをお勧めしています。

影響を受ける製品と修復

Product	Affected Versions	Remediated Versions	Link
Dell iDRAC Tools	Versions prior to 11.3.0.0	Version 11.3.0.0 or later	Customer can download the SWB images from Dell Digital Lockers

Product	Affected Versions	Remediated Versions	Link
Dell iDRAC Tools	Versions prior to 11.3.0.0	Version 11.3.0.0 or later	Customer can download the SWB images from Dell Digital Lockers

Caution:

For full remediation, customers must upgrade to Dell iDRAC Tools Version 11.3.0.0 or later and the correct Windows Server 2025 version.
It is recommended customers leverage the SWB image from the Dell Digital locker (How to Access Your Dell Digital Locker) which includes the remediated Dell iDRAC Tools version and the appropriate Windows Server 2025 version.
Windows 2025 Server versions listed below:

V51N7 - Windows Server 2025 Standard
JT4MH - Windows Server 2025 Datacenter
G5F67 - Windows Server 2025 Essentials

変更履歴

Revision	Date	Description
1.0	2025-06-12	Initial Release

確認

Dell would like to thank “falconCorrup” for reporting this issue.

法的免責事項

対象製品

iDRAC9 - 3.0x Series, iDRAC9 - 3.1x Series, iDRAC9 - 3.2x Series, iDRAC9 - 3.3x Series, iDRAC9 - 3.4x Series, iDRAC9 - 4.xx Series, iDRAC9 - 5.xx Series, iDRAC9 - 6.xx Series, iDRAC9 - 7.xx Series, OEMR XL R670, OEMR R6515, OEMR XL R660, OEMR R7515 , OEMR R7525, OEMR XL R760, OEMR XL R660xs, OEMR XL R6615, OEMR XL R6625, OEMR XL R6715, OEMR XL R6725, OEMR XL R760xs, OEMR XL R7615, OEMR XL R7625, OEMR XL R7715, Precision 7960 XL Rack, Poweredge C4140, PowerEdge C6400, PowerEdge C6420, PowerEdge C6520, PowerEdge C6525, PowerEdge C6600, PowerEdge C6615, PowerEdge C6620, PowerEdge FC640, PowerEdge HS5610, PowerEdge HS5620, PowerEdge M640, PowerEdge M640 (for PE VRTX), PowerEdge MX5016s, PowerEdge MX7000, PowerEdge MX740C, PowerEdge MX750c, PowerEdge MX760c, PowerEdge MX840C, PowerEdge R240, PowerEdge R260, PowerEdge R340, PowerEdge R360, PowerEdge R440, PowerEdge R450, PowerEdge R470, PowerEdge R540, PowerEdge R550, PowerEdge R570, PowerEdge R640, PowerEdge R6415, PowerEdge R650, PowerEdge R6515, PowerEdge R6525, PowerEdge R660, PowerEdge R660xs, PowerEdge R6615, PowerEdge R6625, PowerEdge R670, PowerEdge R6715, PowerEdge R740, PowerEdge R740XD, PowerEdge R740XD2, PowerEdge R7415, PowerEdge R7425, PowerEdge R750, PowerEdge R750XA, PowerEdge R7515, PowerEdge R7525, PowerEdge R760, PowerEdge R760XA, PowerEdge R760xd2, PowerEdge R760xs, PowerEdge R7615, PowerEdge R7625, PowerEdge R770, PowerEdge R840, PowerEdge R860, PowerEdge R940, PowerEdge R940xa, PowerEdge R960, PowerEdge T140, PowerEdge T160, PowerEdge T340, PowerEdge T360, PowerEdge T440, PowerEdge T560, PowerEdge T640, PowerEdge XE8640, PowerEdge XE9640, PowerEdge XE9680, PowerEdge XR11, PowerEdge XR12, PowerEdge XR5610, PowerEdge XR7620, PowerEdge XR8610t, PowerEdge XR8620t, Precision 7960 Rack, Dell EMC vSAN C6420 Ready Node, Dell EMC vSAN MX740c Ready Node, Dell EMC vSAN MX750c Ready Node, Dell vSAN Ready Node MX760c, Dell EMC vSAN R440 Ready Node, Dell EMC vSAN R640 Ready Node, Dell EMC vSAN R6415 Ready Node, Dell EMC vSAN R650 Ready Node, Dell EMC vSAN R6515 Ready Node, vSAN Ready Node R660, Dell vSAN R6615 Ready Node, Dell EMC vSAN R740 Ready Node, Dell EMC vSAN R740xd Ready Node, Dell EMC vSAN R750 Ready Node, Dell EMC vSAN R7515 Ready Node, Dell EMC vSAN R760 Ready Node, Dell vSAN R7615 Ready Node, Dell vSAN Ready Node R7625, Dell EMC vSAN R840 Ready Node ...

文書番号: 000323242

文書の種類: Dell Security Advisory

最終更新: 12 6月 2025

お使いのデバイスがサポートサービスの対象かどうかを確認してください。

DSA-2025-169: Security Update for Dell iDRAC Tools Vulnerabilities

概要: Dell iDRAC Tools remediation is available for an Improper Access Control vulnerability that could be exploited by malicious users to compromise the affected system.

影響

詳細

影響を受ける製品と修復

変更履歴

確認

関連情報

法的免責事項

対象製品

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポートサービス

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポートサービス

DSA-2025-169: Security Update for Dell iDRAC Tools Vulnerabilities

概要: Dell iDRAC Tools remediation is available for an Improper Access Control vulnerability that could be exploited by malicious users to compromise the affected system.

詳細記事

影響

詳細

影響を受ける製品と修復

変更履歴

確認

関連情報

法的免責事項

対象製品

影響

詳細

影響を受ける製品と修復

変更履歴

確認

関連情報

法的免責事項

対象製品

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポート サービス

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポート サービス

サポートサービス

サポートサービス