VYPR
Unrated severity · NVD Advisory · Published Nov 7, 2019 · Updated Sep 17, 2024

CVE-2019-3764

Description

Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially exploit this vulnerability to obtain sensitive information such as password hashes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Dell EMC iDRAC7/8/9 contain an improper authorization flaw that lets low-privileged remote users disclose password hashes.

Vulnerability

Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70, and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability (CWE-285). The flaw allows an authenticated remote user with low privileges to bypass authorization checks and access resources intended for more privileged users [1].

Exploitation

An attacker needs valid iDRAC credentials for a low-privileged account (for example a Read Only user) and network reach to the iDRAC management interface. No special position or race condition is required; the attacker sends requests to the management interface that the vulnerable firmware fails to authorize properly, returning data the account should not be able to read [1].

Impact

Successful exploitation enables the attacker to obtain sensitive information such as password hashes of other iDRAC users. This can lead to further lateral movement or privilege escalation within the management plane if the attacker cracks the stolen hashes [1].

Mitigation

Dell EMC has released fixed firmware: iDRAC7 2.65.65.65, iDRAC8 2.70.70.70, and iDRAC9 3.36.36.36 (or the later 3.40.40.40) [1]. The iDRAC8 and iDRAC9 releases were available at publication (November 2019); the iDRAC7 release was planned for April 2020, which left iDRAC7 systems without a fix in the interim [1]. The advisory describes no workaround; upgrading to the fixed versions is the recommended mitigation. Beyond the advisory's own guidance, two points a practitioner should weigh: a disclosed hash may already have been cracked, so rotating iDRAC user passwords after the upgrade closes that window, and restricting network reach to the iDRAC interface (a dedicated management network) limits who can exercise a low-privileged account in the first place.
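The fixed versions above are the only concrete check the advisory gives, so the practical task is comparing each BMC's firmware against the right threshold. The following is an added example, not Dell's code and not part of the advisory: it compares dotted iDRAC version strings numerically (a plain string comparison would rank 2.9.9.9 above 2.70.70.70) and requires the operator to supply the generation, because iDRAC7 and iDRAC8 both use 2.x version numbers but have different fixed releases. The Redfish path `/redfish/v1/Managers/iDRAC.Embedded.1` in `fetch_firmware_version` is an assumption about the target's Redfish service and is not exercised by the offline inventory check; the host names in `SAMPLE_INVENTORY` are constructed.

```python
"""Check iDRAC firmware versions against the fixed releases for CVE-2019-3764.

Added example, not Dell code. Fixed versions are taken from the advisory text.
The Redfish manager path used by fetch_firmware_version() is an assumption
about the target and is not needed for the offline inventory check.
"""
import base64
import json
import ssl
import urllib.request
from typing import List, Tuple

# Minimum fixed firmware per iDRAC generation, as stated in the advisory.
FIXED_VERSIONS = {
    "iDRAC7": "2.65.65.65",
    "iDRAC8": "2.70.70.70",
    "iDRAC9": "3.36.36.36",
}

# Constructed sample inventory: (host, generation, reported firmware version).
SAMPLE_INVENTORY = [
    ("bmc-a.example.net", "iDRAC8", "2.63.60.61"),  # below the iDRAC8 fix
    ("bmc-b.example.net", "iDRAC9", "3.36.36.36"),  # exactly the iDRAC9 fix
    ("bmc-c.example.net", "iDRAC7", "2.61.60.60"),  # below the iDRAC7 fix
    ("bmc-d.example.net", "iDRAC9", "4.00.00.00"),  # above the iDRAC9 fix
]


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '3.36.36.36' into (3, 36, 36, 36) so versions compare numerically."""
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised iDRAC version string: {version!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(generation: str, version: str) -> bool:
    """True if the version is prior to the fixed release for that generation.

    The generation is an explicit input: the version string alone cannot tell
    an iDRAC7 at 2.66 (fixed) from an iDRAC8 at 2.66 (still vulnerable).
    """
    try:
        fixed = FIXED_VERSIONS[generation]
    except KeyError:
        raise ValueError(f"unknown iDRAC generation: {generation!r}") from None
    return parse_version(version) < parse_version(fixed)


def check_inventory(inventory: List[Tuple[str, str, str]]) -> List[str]:
    """Return the hosts whose firmware is prior to the fixed release."""
    return [host for host, gen, ver in inventory if is_vulnerable(gen, ver)]


def fetch_firmware_version(base_url: str, user: str, password: str,
                           verify_tls: bool = True) -> str:
    """Read FirmwareVersion from the iDRAC Redfish Manager resource.

    Assumption: the manager is exposed at /redfish/v1/Managers/iDRAC.Embedded.1
    and accepts HTTP Basic auth. Network access only; not called offline.
    """
    url = base_url.rstrip("/") + "/redfish/v1/Managers/iDRAC.Embedded.1"
    ctx = ssl.create_default_context()
    if not verify_tls:  # only for lab BMCs with self-signed certificates
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    req = urllib.request.Request(url)
    req.add_header("Accept", "application/json")
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req.add_header("Authorization", f"Basic {token}")
    with urllib.request.urlopen(req, context=ctx, timeout=15) as resp:
        body = json.load(resp)
    return body["FirmwareVersion"]


if __name__ == "__main__":
    for host in check_inventory(SAMPLE_INVENTORY):
        print(f"{host}: firmware prior to CVE-2019-3764 fix")
```

For a live check, call `fetch_firmware_version("https://<idrac-host>", user, password)` with an account that can read the Manager resource and feed the result to `is_vulnerable` together with the generation recorded in your asset inventory; the generation should come from inventory, not from the version string.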

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 4

Patches: 0 (no patches discovered yet)

Vulnerability mechanics: not yet synthesized for this CVE

References: 1

News mentions: 0 (no linked articles in the index yet)