vulnerability

Dell iDRAC: CVE-2024-25943: DSA-2024-099: Security Update for Dell iDRAC9 IPMI Session Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:M/Au:N/C:P/I:C/A:P)	Jun 28, 2024	Nov 21, 2024	Sep 23, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:C/A:P)

Published

Jun 28, 2024

Added

Nov 21, 2024

Modified

Sep 23, 2025

Description

iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnerability in IPMI. A remote attacker could potentially exploit this vulnerability, leading to arbitrary code execution on the vulnerable application.

Solution

dell-idrac-upgrade-latest

References

URL-https://www.dell.com/support/kbdoc/en-us/000226503/dsa-2024-099-security-update-for-dell-idrac9-ipmi-session-vulnerability
CVE-2024-25943
https://attackerkb.com/topics/CVE-2024-25943
CWE-330

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today