CVE-2025-26482 | Dell iDRAC9 exposure of sensitive system information due to uncleared debug information (dsa-2025-046)

SecurityVulns
Yanac

A vulnerability classified as problematic has been found in Dell PowerEdge R770, PowerEdge R670, PowerEdge R570, PowerEdge R470, PowerEdge R6715, PowerEdge R7715, PowerEdge R6725, PowerEdge R7725, PowerEdge R660, PowerEdge R760, PowerEdge C6620, PowerEdge MX760c, PowerEdge R860, PowerEdge R960, PowerEdge HS5610, PowerEdge HS5620, PowerEdge R660xs, PowerEdge R760xs, PowerEdge R760xd2, PowerEdge T560, PowerEdge R760xa, PowerEdge XE9680, PowerEdge XE9680L, PowerEdge XR5610, PowerEdge XR8610t, PowerEdge XR8620t, PowerEdge XR7620, PowerEdge XE8640, PowerEdge XE9640, PowerEdge T160, PowerEdge T360, PowerEdge R260, PowerEdge R360, PowerEdge R650, PowerEdge R750, PowerEdge R750XA, PowerEdge C6520, PowerEdge MX750C, PowerEdge R550, PowerEdge R450, PowerEdge R650XS, PowerEdge R750XS, PowerEdge T550, PowerEdge XR11, PowerEdge XR12, PowerEdge XR4510c, PowerEdge XR4520c, PowerEdge T150, PowerEdge T350, PowerEdge R250, PowerEdge R350, PowerEdge R740, PowerEdge R740XD, PowerEdge R640, PowerEdge R940, PowerEdge R540, PowerEdge R440, PowerEdge T440, PowerEdge XR2, PowerEdge R740XD2, PowerEdge R840, PowerEdge R940XA, PowerEdge T640, PowerEdge C6420, PowerEdge FC640, PowerEdge M640, PowerEdge MX740C, PowerEdge MX840C, PowerEdge C4140, DSS 8440, PowerEdge XE2420, PowerEdge XE7420, PowerEdge XE7440, PowerEdge T140, PowerEdge T340, PowerEdge R240, PowerEdge R340, EMC Storage NX3240, EMC Storage NX3340, EMC NX440, XC Core XC660, XC Core XC760, XC Core XC660xs, XC Core XC760xa, EMC XC Core XC450, EMC XC Core XC650, EMC XC Core XC750, EMC XC Core XC750xa, EMC XC Core XC6520, EMC XC Core 6420 System, EMC XC Core XC640 System, EMC XC Core XC740xd System, EMC XC Core XC740xd2, EMC XC Core XC940 System, EMC XC Core XCXR2, PowerEdge R6615, PowerEdge R7615, PowerEdge R6625, PowerEdge R7625 and PowerEdge C6615. This vulnerability affects unknown code. This manipulation causes exposure of sensitive system information due to uncleared debug information.

This vulnerability appears as CVE-2025-26482. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More