Strix
26.1K

CVE-2025-26482

MEDIUMCVSS 4.9/10EPSS 0.28%

Last modified

CVE-2025-26482 is a medium-severity vulnerability rated 4.9/10 on the CVSS scale. Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.. EPSS estimates a 0.28% chance of exploitation in the next 30 days.

Description

Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.

Metrics

CVSS 3.1
4.9/10

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS Probability
0.28%

20.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
DellPoweredge R770 Firmware< 1.2.6
DellPoweredge R670 Firmware< 1.2.6
DellPoweredge R570 Firmware< 1.2.6
DellPoweredge R470 Firmware< 1.2.6
DellPoweredge R6715 Firmware< 1.1.2
DellPoweredge R7715 Firmware< 1.1.2
DellPoweredge R6725 Firmware< 1.1.3
DellPoweredge R7725 Firmware< 1.1.3
DellPoweredge R660 Firmware< 2.5.4
DellPoweredge R760 Firmware< 2.5.4
DellPoweredge C6620 Firmware< 2.5.4
DellPoweredge Mx760c Firmware< 2.5.4
DellPoweredge R860 Firmware< 2.5.4
DellPoweredge R960 Firmware< 2.5.4
DellPoweredge Hs5610 Firmware< 2.5.4
DellPoweredge Hs5620 Firmware< 2.5.4
DellPoweredge R660xs Firmware< 2.5.4
DellPoweredge R760xs Firmware< 2.5.4
DellPoweredge R760xd2 Firmware< 2.5.4
DellPoweredge T560 Firmware< 2.5.4
DellPoweredge R760xa Firmware< 2.5.4
DellPoweredge Xe9680 Firmware< 2.5.4
DellPoweredge Xe9680l Firmware< 2.5.4
DellPoweredge Xr5610 Firmware< 2.5.4
DellPoweredge Xr8610t Firmware< 2.5.4
DellPoweredge Xr8620t Firmware< 2.5.4
DellPoweredge Xr7620 Firmware< 2.5.4
DellPoweredge Xe8640 Firmware< 2.5.4
DellPoweredge Xe9640 Firmware< 2.5.4
DellPoweredge T160 Firmware< 2.0.0
DellPoweredge T360 Firmware< 2.0.0
DellPoweredge R260 Firmware< 2.0.0
DellPoweredge R360 Firmware< 2.0.0
DellPoweredge R650 Firmware< 1.16.2
DellPoweredge R750 Firmware< 1.16.2
DellPoweredge R750xa Firmware< 1.16.2
DellPoweredge C6520 Firmware< 1.16.2
DellPoweredge Mx750c Firmware< 1.16.2
DellPoweredge R550 Firmware< 1.16.2
DellPoweredge R450 Firmware< 1.16.2
DellPoweredge R650xs Firmware< 1.16.2
DellPoweredge R750xs Firmware< 1.16.2
DellPoweredge T550 Firmware< 1.16.2
DellPoweredge Xr11 Firmware< 1.16.2
DellPoweredge Xr12 Firmware< 1.16.2
DellPoweredge Xr4510c Firmware< 1.17.3
DellPoweredge Xr4520c Firmware< 1.17.3
DellPoweredge T150 Firmware< 1.11.1
DellPoweredge T350 Firmware< 1.11.1
DellPoweredge R250 Firmware< 1.11.1

Showing 50 of 113 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2025-26482?
Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.
How severe is CVE-2025-26482?
CVE-2025-26482 has a CVSS score of 4.9/10 (MEDIUM severity). The EPSS model estimates a 0.28% probability of exploitation in the next 30 days.
How do I fix CVE-2025-26482?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-26482?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST