CVE-2020-5344
HIGH
Dell iDRAC7, iDRAC8 and iDRAC9 - Unauthenticated Stack-based Buffer Overflow
Title source: llm
Description
Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70 and 4.00.00.00, respectively, contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.
References (1)
Core References
Vendor Advisory x_refsource_misc
https://www.dell.com/support/article/en-us/sln320717/dsa-2020-063-idrac-buffer-overflow-vulnerability?lang=en
Scores
CVSS v3
7.0
EPSS
0.0411
EPSS Percentile
88.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Details
CWE
CWE-121
CWE-787
Status
published
Products (3)
dell/idrac7_firmware
< 2.65.65.65
dell/idrac8_firmware
< 2.70.70.70
dell/idrac9_firmware
< 4.00.00.00
Published
Mar 31, 2020
Tracked Since
Feb 18, 2026