CVE-2024-3411

CRITICAL

IPMI - Privilege Escalation

Title source: llm

Description

Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an attacker to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC device.

References (4)

[Various Sources] https://www.intel.la/content/dam/www/public/us/en/documents/specification-updates/ipmi-intelligent-platform-mgt-interface-spec-2nd-gen-v2-0-spec-update.pdf

[Various Sources] https://www.dell.com/support/kbdoc/en-US/000226504/dsa-2024-295-security-update-for-dell-idrac8-ipmi-session-vulnerability

[Third Party Advisory, US Government Resource] https://kb.cert.org/vuls/id/163057

[Third Party Advisory, US Government Resource] https://www.kb.cert.org/vuls/id/163057

Scores

CVSS v3 9.1

EPSS 0.0030

EPSS Percentile 53.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-331

Status published

Products (2)

Dell/iDRAC8 2.86.86.86

Intel/IPMI 2.0, revision 1.1E7

Published Apr 30, 2024

Tracked Since Feb 18, 2026