← back
CVE-2025-26336

CVE-2025-26336

CVSS 8.3 HIGHEPSS 0.6%CWE-121
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.3EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
21 Mar 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
Affected products
Dell · Dell Chassis Management Controller (CMC) for Dell PowerEdge FX2Dell · Dell Chassis Management Controller (CMC) for PowerEdge VRTX

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.dell.com/support/kbdoc/en-us/000297463/dsa-2025-123-security-update-for-dell-chassis-management-controller-firmware-for-dell-poweredge-fx2-and-vrtx-vulnerabilities