Severity
High
Analysis Summary
CVE-2025-27689 CVSS:7.8
Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2025-36573 CVSS:7.1
Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure.
Impact
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-27689
CVE-2025-36573
Affected Vendors
- Dell
Affected Products
- Dell iDRAC Tools- version(s) prior to 11.3.0.0
- Dell Smart Dock Firmware- versions prior to 01.00.08.01
Remediation
Refer to the Dell Website for patch, upgrade, or suggested workaround information.