Cyber Resilience

CVE-2025-26336

High

Published: 21 March 2025
Modified: 27 March 2025
KEV Added: not listed
Patch: vendor firmware update (Dell advisory DSA-2025-123)
CVSS v3.1 base score: 8.3 (High), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
EPSS score: 0.0083 (75.0th percentile)
Risk Priority: 17 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-26336 is a high-severity stack-based buffer overflow (CWE-121) in Dell Chassis Management Controller (CMC) firmware for the PowerEdge FX2 and PowerEdge VRTX chassis. Its CVSS v3.1 base score is 8.3 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE sits at the 75th EPSS percentile, i.e. in the top 25% of CVEs by predicted exploit likelihood, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST SP 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection), alongside timely application of Dell's fixed firmware.

Deeper analysis

Dell Chassis Management Controller (CMC) firmware contains a stack-based buffer overflow tracked as CVE-2025-26336. The flaw affects firmware versions prior to 2.40.200.202101130302 on Dell PowerEdge FX2 and versions prior to 3.41.200.202209300499 on Dell PowerEdge VRTX, and is classified under CWE-121 (Stack-based Buffer Overflow) and CWE-787 (Out-of-bounds Write). The issue carries a CVSS v3.1 base score of 8.3.

The CVSS vector (AV:N/AC:L/PR:N/UI:R) describes an attack that is reachable over the network without authentication but does require some user interaction; it is the UI:R factor that keeps the score at 8.3 rather than in the critical range. A successful exploit achieves remote code execution on the controller, with high impact to confidentiality and availability and limited impact to integrity (C:H/I:L/A:H). Because the CMC is the chassis's out-of-band management plane, its interface should be confined to an isolated management network regardless of patch status.

The referenced Dell advisory DSA-2025-123 lists the affected firmware versions and directs administrators to the updated releases that remediate the overflow (2.40.200.202101130302 for FX2, 3.41.200.202209300499 for VRTX).

The CVE's EPSS score rose from a low baseline to a peak of 0.0192 on 2026-05-01 before receding to the current value of 0.0083. EPSS estimates the probability of exploitation activity in the next 30 days, so the rise reflects the model's increased estimate after public disclosure rather than confirmed in-the-wild exploitation, which the CVE's absence from KEV also bears out.

Vulnerability details

Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.

CWE(s)

CWE-121 Stack-based Buffer Overflow
CWE-787 Out-of-bounds Write

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Remote stack-based buffer overflow in network-accessible Chassis Management Controller firmware directly enables exploitation of a public-facing application for unauthenticated remote code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-26354 (same vendor: Dell)
CVE-2026-26944 (same vendor: Dell)
CVE-2024-49601 (same vendor: Dell)
CVE-2026-22266 (same vendor: Dell)
CVE-2025-43995 (same vendor: Dell)
CVE-2026-27101 (same vendor: Dell)
CVE-2025-43728 (same vendor: Dell)
CVE-2025-22475 (same vendor: Dell)
CVE-2026-22284 (same vendor: Dell)
CVE-2025-46645 (same vendor: Dell)

Affected Assets

Dell Chassis Management Controller firmware for PowerEdge FX2
versions prior to 2.40.200.202101130302 (the fixed build itself is not affected)
Dell Chassis Management Controller firmware for PowerEdge VRTX
versions prior to 3.41.200.202209300499 (the fixed build itself is not affected)
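To turn the affected ranges above into an inventory check, here is an added example (not code from this page or from Dell) that parses the dotted firmware version strings and flags any build strictly below the first fixed release for its platform. The platform labels "FX2" and "VRTX", the sample inventory rows and the function names are assumptions made for the example. The last version component (202101130302) exceeds 32 bits, which is why components are parsed with strtoull rather than atoi; a naive 32-bit parse would silently misorder builds.

```c
/* Added example: is a reported CMC firmware version inside the affected
 * range ("prior to" the fixed build) quoted in the advisory? Not Dell code. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_COMPONENTS 8

/* First fixed builds as stated on this page. */
static const char *FX2_FIXED  = "2.40.200.202101130302";
static const char *VRTX_FIXED = "3.41.200.202209300499";

/* Parse "a.b.c.d" into numeric components (64-bit, since the build stamp
 * does not fit in 32 bits). Returns the component count, or -1 on
 * malformed input: empty string, empty component, non-digit, overflow,
 * or more than MAX_COMPONENTS parts. */
static int parse_version(const char *s, unsigned long long out[MAX_COMPONENTS]) {
    int n = 0;
    const char *p = s;
    while (*p) {
        char *end;
        if (n == MAX_COMPONENTS || *p < '0' || *p > '9') return -1;
        errno = 0;
        out[n] = strtoull(p, &end, 10);
        if (errno == ERANGE) return -1;
        n++;
        if (*end == '\0') break;
        if (*end != '.') return -1;
        p = end + 1;
        if (*p == '\0') return -1;  /* trailing dot */
    }
    return n ? n : -1;
}

/* Returns 1 if `version` is strictly older than the fixed build for the
 * platform (affected), 0 if it is the fixed build or newer, and -1 for an
 * unknown platform or a version string that cannot be parsed. Missing
 * trailing components are treated as 0. */
int is_affected(const char *platform, const char *version) {
    const char *fixed;
    unsigned long long va[MAX_COMPONENTS] = {0}, vf[MAX_COMPONENTS] = {0};

    if (strcmp(platform, "FX2") == 0)       fixed = FX2_FIXED;
    else if (strcmp(platform, "VRTX") == 0) fixed = VRTX_FIXED;
    else return -1;

    if (parse_version(version, va) < 0 || parse_version(fixed, vf) < 0) return -1;

    for (int i = 0; i < MAX_COMPONENTS; i++) {
        if (va[i] < vf[i]) return 1;   /* older than the fix: affected */
        if (va[i] > vf[i]) return 0;   /* newer than the fix */
    }
    return 0;                          /* exactly the fixed build */
}

int main(void) {
    /* Constructed sample inventory rows (platform, reported firmware); not real data. */
    static const char *inventory[][2] = {
        { "FX2",  "2.30.100.202001010000" },
        { "FX2",  "2.40.200.202101130302" },
        { "VRTX", "3.41.100.202201010000" },
        { "VRTX", "3.41.200.202209300499" },
        { "FX2",  "2.40" },
        { "M1000e", "6.0.0" },
    };
    for (size_t i = 0; i < sizeof inventory / sizeof inventory[0]; i++) {
        int r = is_affected(inventory[i][0], inventory[i][1]);
        printf("%-7s %-24s %s\n", inventory[i][0], inventory[i][1],
               r == 1 ? "AFFECTED (below fixed build)" :
               r == 0 ? "not affected" : "unknown platform / unparseable version");
    }
    return 0;
}
```

The equal-to-fixed case returns "not affected", matching the advisory's "prior to" wording; an unparseable string or a platform the advisory does not cover returns -1 so the row can be queued for manual review instead of being silently passed.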

Mitigating Controls (NIST SP 800-53 r5)

prevent: flaw remediation
Directly mitigates the CVE by requiring timely application of the vendor-recommended firmware updates (Dell DSA-2025-123) that remediate the stack-based buffer overflow. Until the update is applied, keep the CMC interface off untrusted networks so it is not a public-facing application at all.

prevent: SI-16 Memory Protection
Memory-protection mechanisms such as stack canaries, ASLR and DEP/NX raise the cost of turning the overflow into remote code execution. They are a backstop rather than a fix: a canary hit still crashes the controller, which is a denial of service on the chassis management plane.

prevent: SI-10 Information Input Validation
Enforces input validation and bounds checking on unauthenticated network input, which directly counters the overflow: every peer-supplied length is compared with the destination buffer before the copy, and oversized fields are rejected.
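As an added illustration of the two controls above (not code from this page or from Dell's CMC firmware, whose internals the advisory does not describe), the generic CWE-121 pattern a stack-based overflow in a network-facing parser follows, next to the bounds-checked form that SI-10 input validation calls for. The length-prefixed field framing, FIELD_MAX and the function names are assumptions made for the example.

```c
/* Added example: the generic stack-overflow bug class beside its fix.
 * Hypothetical framing, not the CMC protocol. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 32   /* assumed size of the fixed on-stack field buffer */

/* A length-prefixed field as a hypothetical management request might carry
 * it; both members are controlled by the network peer. */
struct field {
    uint16_t len;
    const uint8_t *data;
};

/* VULNERABLE (CWE-121/CWE-787): the peer-supplied length is trusted. With
 * len > 31 the copy runs past buf into this frame's saved registers and
 * return address, which is what turns a parser bug into remote code
 * execution. Kept only for contrast; call it with in-bounds input only. */
int handle_field_vulnerable(const struct field *f) {
    char buf[FIELD_MAX];
    memcpy(buf, f->data, f->len);  /* no check against sizeof buf */
    buf[f->len] = '\0';            /* also off by one when len == FIELD_MAX */
    return (int)strlen(buf);
}

/* HARDENED (SI-10): validate before copying and fail closed.
 * Returns the accepted field length, or -1 when the field is rejected. */
int handle_field_checked(const struct field *f) {
    char buf[FIELD_MAX];
    if (f == NULL || f->data == NULL) return -1;
    /* >= rather than > so the terminator always lands inside buf. */
    if (f->len >= sizeof buf) return -1;
    memcpy(buf, f->data, f->len);
    buf[f->len] = '\0';
    return (int)strlen(buf);
}

int main(void) {
    /* Constructed sample inputs: one in-bounds field and one oversized one. */
    uint8_t payload[64];
    memset(payload, 'A', sizeof payload);
    struct field small     = { 16, payload };
    struct field oversized = { 64, payload };

    printf("checked,    len=16: %d\n", handle_field_checked(&small));
    printf("checked,    len=64: %d (rejected)\n", handle_field_checked(&oversized));
    printf("vulnerable, len=16: %d\n", handle_field_vulnerable(&small));
    /* handle_field_vulnerable(&oversized) would smash this frame. Built with
     * -fstack-protector-strong the canary check aborts the process instead of
     * returning into attacker data: the SI-16 backstop, not a fix. */
    return 0;
}
```

Build the hardened form with -fstack-protector-strong and -D_FORTIFY_SOURCE=2 as well; those flags convert a missed bounds check into a crash rather than code execution, but on a management controller a crash is still a denial of service, so the length check is the actual remediation.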
