#VU16673 Error handling in iDRAC8 and iDRAC7 - CVE-2018-15776


Updated: 2019-02-21

Vulnerability identifier: #VU16673

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-15776

CWE-ID: CWE-388

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
iDRAC8
Web applications / Remote management & hosting panels
iDRAC7
Web applications / Remote management & hosting panels

Vendor: Dell

Description
The vulnerability allows a physical attacker to gain elevated privileges.

The vulnerability exists due to improper error handling (CWE-388). A physical attacker with operator privileges can exploit it to gain elevated privileges and obtain access to the u-boot (bootloader) shell of the iDRAC controller.

Mitigation
Install the update from the vendor's website (see the Dell advisory linked under External links).

Vulnerable software versions

iDRAC8: 2.00.00.00 - 2.55.55.50

iDRAC7: 2.10.10.10 - 2.60.60.60
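The version ranges above are the practical check for this advisory, and dotted firmware versions are easy to compare wrongly (a plain string comparison orders "2.9.0.0" after "2.10.0.0"). The following is an added example, not code from the advisory or from Dell: it encodes the two inclusive ranges exactly as printed above, compares versions as integer tuples, and triages a constructed inventory list. It assumes the ranges are inclusive at both ends and deliberately does not encode a fixed version, because the advisory does not state one; any version outside the printed ranges is reported as not listed.

```python
"""Check iDRAC firmware versions against the vulnerable ranges listed in
VU16673 / CVE-2018-15776.

Added example, not from the advisory or from Dell. The ranges are copied
from the advisory and treated as inclusive; a version outside a range is
reported as "not listed", not as "fixed", since no fixed version is given.
"""
from typing import Dict, List, Tuple

Version = Tuple[int, ...]

# Inclusive vulnerable ranges, as stated in the advisory.
VULNERABLE_RANGES: Dict[str, Tuple[str, str]] = {
    "iDRAC8": ("2.00.00.00", "2.55.55.50"),
    "iDRAC7": ("2.10.10.10", "2.60.60.60"),
}


def parse_version(text: str) -> Version:
    """Turn a four-part iDRAC version like '2.52.52.52' into an int tuple.

    Integer tuples compare component by component, which is what firmware
    versions need; comparing the raw strings would compare character by
    character and get '2.9.0.0' vs '2.10.0.0' wrong.
    """
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part iDRAC version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(product: str, version: str) -> bool:
    """True if `version` of `product` falls inside the advisory's range."""
    if product not in VULNERABLE_RANGES:
        raise ValueError(f"product not covered by this advisory: {product!r}")
    low, high = (parse_version(v) for v in VULNERABLE_RANGES[product])
    return low <= parse_version(version) <= high


def string_compare_is_misleading(a: str, b: str) -> bool:
    """Show the pitfall: True when string order and version order disagree."""
    return (a < b) != (parse_version(a) < parse_version(b))


def triage(inventory_csv: str) -> List[str]:
    """Return hostnames whose 'host,product,version' line is in range.

    Products the advisory does not list (e.g. iDRAC9) are skipped rather
    than guessed about.
    """
    affected = []
    for line in inventory_csv.strip().splitlines():
        host, product, version = (f.strip() for f in line.split(","))
        if product in VULNERABLE_RANGES and is_affected(product, version):
            affected.append(host)
    return affected


# Constructed sample inventory (not real hosts), one BMC per line.
SAMPLE_INVENTORY = """\
r730-01,iDRAC8,2.52.52.52
r730-02,iDRAC8,2.61.60.60
r720-01,iDRAC7,2.60.60.60
r720-02,iDRAC7,2.05.05.05
r740-01,iDRAC9,3.21.24.22
"""

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: within a vulnerable range listed in VU16673")
```

Feed it the product and firmware version reported by the iDRAC web UI or by racadm for each BMC in your estate; the hosts it returns are the ones to schedule for the vendor update, and anything it skips still needs to be checked against the Dell advisory for products this page does not list.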


External links
https://www.dell.com/support/article/us/en/19/sln315190/dell-emc-idrac-multiple-vulnerabilities-cve-2018-15774-and-cve-2018-15776-?lang=en


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

