Unrated severityNVD Advisory· Published Nov 6, 2025· Updated Nov 6, 2025

CVE-2025-22397

Description

Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

Affected products

Dell/Integrated Remote Access Controller Firmwarellm-fuzzy
Range: <7.00.00.181 (14G), >=6.10.80.00 <=7.20.10.50 (15G/16G)
Dell/Integrated Dell Remote Access Controller 10 17G versionv5
Range: N/A
Dell/Integrated Dell Remote Access Controller 9 14G Versionsv5
Range: N/A
Dell/Integrated Dell Remote Access Controller 9 15G and 16G versionsv5
Range: 6.10.80.00

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.dell.com/support/kbdoc/en-us/000384516/dsa-2025-376-security-update-for-dell-idrac9-and-idrac10-vulnerabilitiesmitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000