CVE-2022-34436
Description
Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A high privileged attacker can bypass firmware lock-down on Dell iDRAC8 (versions before 2.84.84.84) via a RACADM input validation flaw and force a firmware update.
Vulnerability
An improper input validation vulnerability exists in Dell iDRAC8 firmware version 2.83.83.83 and prior within the Racadm command-line interface. The bug is only reachable when the firmware lock-down configuration is enabled. This setting is designed to prevent unauthorized firmware changes, but a specially crafted input to Racadm can bypass the protection. The affected product is Dell iDRAC8 versions before 2.84.84.84 [1].
Exploitation
To exploit this vulnerability, an attacker must already possess high privileges on the iDRAC8 (i.e., administrator-level access). No user interaction from other accounts is required. The attacker sends a maliciously crafted command via the Racadm utility while the firmware lock-down is active. Because the input is not validated properly, the lock-down policy is not enforced and the command is allowed to proceed [1].
Impact
A successful exploit allows the high-privileged attacker to bypass the firmware lock-down configuration and perform a firmware update. This could lead to the installation of a malicious or unauthorized firmware version, potentially compromising the integrity, confidentiality, and availability of the iDRAC8 and the host server [1].
Mitigation
Dell has released iDRAC8 firmware version 2.84.84.84 to remediate this vulnerability. The fixed version is available for download via the Dell support driver page (driver ID G79DW). Customers should update to version 2.84.84.84 or later. No workarounds are documented; updating the firmware is the recommended mitigation [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Range: 0
References (1)