Skip to main content

Poweredge R6415 Firmware CVE-2025-26482

MEDIUM
Exposure of Sensitive System Information Due to Uncleared Debug Information (CWE-1258)
2025-09-25 security_alert@emc.com
Information Disclosure Dell Poweredge R6415 Firmware Poweredge R7415 Firmware Poweredge R7425 Firmware Poweredge R770 Firmware Poweredge R670 Firmware Poweredge R570 Firmware Poweredge R470 Firmware Poweredge R6715 Firmware Poweredge R7715 Firmware Poweredge R6725 Firmware Poweredge R7725 Firmware Poweredge R660 Firmware Poweredge R760 Firmware Poweredge C6620 Firmware Poweredge Mx760C Firmware Poweredge R860 Firmware Poweredge R960 Firmware Poweredge Hs5610 Firmware Poweredge Hs5620 Firmware Poweredge R660Xs Firmware Poweredge R760Xs Firmware Poweredge R760Xd2 Firmware Poweredge T560 Firmware Poweredge R760Xa Firmware Poweredge Xe9680 Firmware Poweredge Xe9680L Firmware Poweredge Xr5610 Firmware Poweredge Xr8610T Firmware Poweredge Xr8620T Firmware Poweredge Xr7620 Firmware Poweredge Xe8640 Firmware Poweredge Xe9640 Firmware Poweredge T160 Firmware Poweredge T360 Firmware Poweredge R260 Firmware Poweredge R360 Firmware Poweredge R650 Firmware Poweredge R750 Firmware Poweredge R750Xa Firmware Poweredge C6520 Firmware Poweredge Mx750C Firmware Poweredge R550 Firmware Poweredge R450 Firmware Poweredge R650Xs Firmware Poweredge R750Xs Firmware Poweredge T550 Firmware Poweredge Xr11 Firmware Poweredge Xr12 Firmware Poweredge Xr4510C Firmware Poweredge Xr4520C Firmware Poweredge T150 Firmware Poweredge T350 Firmware Poweredge R250 Firmware Poweredge R350 Firmware Poweredge R740 Firmware Poweredge R740Xd Firmware Poweredge R640 Firmware Poweredge R940 Firmware Poweredge R540 Firmware Poweredge R440 Firmware Poweredge T440 Firmware Poweredge Xr2 Firmware Poweredge R740Xd2 Firmware Poweredge R840 Firmware Poweredge R940Xa Firmware Poweredge T640 Firmware Poweredge C6420 Firmware Poweredge Fc640 Firmware Poweredge M640 Firmware Poweredge Mx740C Firmware Poweredge Mx840C Firmware Poweredge C4140 Firmware Dss 8440 Firmware Poweredge Xe2420 Firmware Poweredge Xe7420 Firmware Poweredge Xe7440 Firmware Poweredge T140 Firmware Poweredge T340 Firmware Poweredge R240 Firmware Poweredge R340 Firmware Emc Storage Nx3240 Firmware Emc Storage Nx3340 Firmware Emc Nx440 Firmware Xc Core Xc660 Firmware Xc Core Xc760 Firmware Xc Core Xc660Xs Firmware Xc Core Xc760Xa Firmware Emc Xc Core Xc450 Firmware Emc Xc Core Xc650 Firmware Emc Xc Core Xc750 Firmware Emc Xc Core Xc750Xa Firmware Emc Xc Core Xc6520 Firmware Emc Xc Core 6420 System Firmware Emc Xc Core Xc640 System Firmware Emc Xc Core Xc740Xd System Firmware Emc Xc Core Xc740Xd2 Firmware Emc Xc Core Xc940 System Firmware Emc Xc Core Xcxr2 Firmware Poweredge R6615 Firmware Poweredge R7615 Firmware Poweredge R6625 Firmware Poweredge R7625 Firmware Poweredge C6615 Firmware Poweredge R6515 Firmware Poweredge R6525 Firmware Poweredge R7515 Firmware Poweredge R7525 Firmware Poweredge C6525 Firmware Poweredge Xe8545 Firmware Emc Xc Core Xc7525 Firmware Xc Core Xc7625 Firmware Idrac9 Firmware
4.9
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 19:14 vuln.today
CVE Published
Sep 25, 2025 - 21:15 nvd
MEDIUM 4.9

DescriptionNVD

Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.

AnalysisAI

Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-1258. Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure. Affected products include: Dell Poweredge R770 Firmware, Dell Poweredge R670 Firmware, Dell Poweredge R570 Firmware, Dell Poweredge R470 Firmware, Dell Poweredge R6715 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More from same product – last 7 days

CVE-2025-26483 MEDIUM
6.1 May 22

Open redirect vulnerability in Dell PowerFlex Manager 4.6.2 and prior enables unauthenticated remote attackers to craft

CVE-2025-32751 MEDIUM
5.5 May 22

Dell PowerFlex Manager versions 4.6.2 and earlier improperly store sensitive information in a manner accessible to low-p
CVE-2025-32747 MEDIUM
5.3 May 22

Incorrect Privilege Assignment in Dell PowerFlex Manager version 4.6.2 and earlier (both Appliance and Rack form factors
CVE-2025-32749 MEDIUM
5.3 May 22

Directory listing exposure in Dell PowerFlex Manager versions 4.6.2 and earlier allows an attacker to enumerate director
CVE-2025-32745 MEDIUM
4.2 May 22

Improper certificate validation in Dell PowerFlex Manager version 4.6.2 and earlier allows an unauthenticated attacker o

Share

CVE-2025-26482 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy