CVE-2025-26336
Published: 21 March 2025
Summary
CVE-2025-26336 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Dell Chassis Management Controller For Poweredge Fx2 Firmware. Its CVSS base score is 8.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 25.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
Dell Chassis Management Controller Firmware contains a stack-based buffer overflow vulnerability tracked as CVE-2025-26336. The flaw affects firmware versions prior to 2.40.200.202101130302 on Dell PowerEdge FX2 systems and versions prior to 3.41.200.202209300499 on Dell PowerEdge VRTX systems, and is also associated with CWE-121 and CWE-787. The issue received a CVSS 3.1 score of 8.3.
An unauthenticated remote attacker can exploit the vulnerability over the network without requiring user interaction, achieving remote code execution that may result in high impact to confidentiality and availability along with limited impact to integrity.
The referenced Dell advisory DSA-2025-123 describes the affected firmware versions and directs administrators to apply the specified updates that remediate the buffer overflow.
EPSS for the CVE rose from a low baseline to a peak of 0.0192 on 2026-05-01 before receding to the current value of 0.0083, indicating that exploitation interest increased after public disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-7273
Vulnerability details
Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could…
more
potentially exploit this vulnerability, leading to Remote execution.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote stack-based buffer overflow in network-accessible Chassis Management Controller firmware directly enables exploitation of a public-facing application for unauthenticated remote code execution.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates the CVE by requiring timely application of the vendor-recommended firmware updates to remediate the stack-based buffer overflow vulnerability.
Implements memory protection mechanisms such as stack canaries, ASLR, and DEP to prevent exploitation of the stack-based buffer overflow leading to remote code execution.
Enforces input validation and bounds checking to directly counter the buffer overflow vulnerability triggered by unauthenticated remote inputs.