Overview
Dell has disclosed a race condition vulnerability in iDRAC10 (Integrated Dell Remote Access Controller 10) that could allow an authenticated attacker with low privileges to escalate their access on affected systems. The flaw is classified as an Insufficiently Protected Credentials vulnerability under CWE-522.
| Detail | Value |
|---|---|
| CVE ID | CVE-2026-35155 |
| CVSS Score | 7.1 (Medium) |
| Affected Versions | iDRAC10 1.20.70.50, 1.30.05.10 |
| Attack Vector | Network |
| Privileges Required | Low |
| User Interaction | None |
Technical Details
iDRAC10 is Dell's out-of-band server management interface, used widely in enterprise data centers to enable remote monitoring, configuration, and recovery of PowerEdge servers — even when the host operating system is unresponsive.
The vulnerability exists in how iDRAC10 handles credential storage and retrieval during specific concurrent operations. A race condition in the authentication and session management layer creates a narrow window during which credential context can be accessed or manipulated by a low-privileged authenticated user to obtain elevated system privileges.
Exploitation requires:
- Network access to the iDRAC management interface
- An existing low-privileged account on the target iDRAC instance
- Precise timing to win the race window during concurrent operations
While exploitation requires prior authentication, the iDRAC interface is designed for remote access and is often reachable over dedicated management networks, making this a meaningful escalation path in environments where management plane access is shared.
Impact
Successful exploitation could allow an attacker to:
- Gain access to higher-privileged iDRAC functions including full server power control
- Read or exfiltrate sensitive configuration data, credentials, and BIOS settings
- Modify server firmware or boot configuration
- Potentially pivot to attached storage, networking infrastructure, or other servers managed through the same console
Because iDRAC operates below the operating system level, malicious changes made through an escalated iDRAC session can persist across OS reinstalls and are difficult to detect with standard security tooling.
Affected Products
- Dell iDRAC10 firmware version 1.20.70.50
- Dell iDRAC10 firmware version 1.30.05.10
iDRAC10 is included with Dell PowerEdge servers from recent generations. iDRAC9 and earlier versions are not reported as affected.
Remediation
Dell has released updated iDRAC10 firmware to address this vulnerability. Administrators should:
- Upgrade iDRAC10 firmware to the latest version available through Dell's support portal
- Restrict iDRAC network access to dedicated, isolated management VLANs
- Enforce strong account controls — limit the number of users with any iDRAC access
- Enable audit logging on iDRAC to detect unusual session activity
- Review existing accounts for unnecessary low-privilege users who could abuse this flaw
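The following Python script is an added example, not Dell's code or tooling, that turns three of the remediation items above into repeatable checks: it matches a controller's reported firmware against the two affected builds named in this advisory, lists enabled accounts below Administrator for the account review, and scans log entries for bursts of logins by one user (the kind of concurrent-session activity audit logging is meant to surface). It works on Redfish-style JSON; the endpoint paths in `fetch_json`'s docstring, the `iDRAC.Embedded.1` manager ID, the `LOGIN_MESSAGE_ID` placeholder and all sample payloads are assumptions constructed for the example and should be checked against your iDRAC's Redfish API and message registry.

```python
"""Triage helpers for CVE-2026-35155 (added example, not Dell's code).

Inputs are Redfish-style resources as iDRAC exposes them under /redfish/v1:
  Manager  -> /redfish/v1/Managers/iDRAC.Embedded.1      (FirmwareVersion)
  Accounts -> /redfish/v1/AccountService/Accounts/<id>   (UserName, Enabled, RoleId)
  Log      -> /redfish/v1/Managers/iDRAC.Embedded.1/LogServices/<svc>/Entries
Paths above are assumptions to verify on your controller.
"""
import base64
import json
import urllib.request
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Builds named as affected in the advisory.
AFFECTED_VERSIONS = {"1.20.70.50", "1.30.05.10"}

# Placeholder: replace with the login-success MessageId from your iDRAC's
# message registry; the sample log below is constructed to use this value.
LOGIN_MESSAGE_ID = "EXAMPLE.LOGIN.SUCCESS"


def fetch_json(url: str, user: str, password: str) -> dict:
    """GET a Redfish resource with HTTP Basic auth (not used by the sample run)."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(url, headers={"Authorization": f"Basic {token}"})
    with urllib.request.urlopen(req, timeout=15) as resp:
        return json.load(resp)


def version_tuple(version: str) -> tuple:
    """'1.30.05.10' -> (1, 30, 5, 10), so zero-padded and bare forms compare equal."""
    return tuple(int(part) for part in version.split("."))


def is_affected(firmware_version: str) -> bool:
    """True when the Manager's FirmwareVersion is exactly one of the affected builds."""
    affected = {version_tuple(v) for v in AFFECTED_VERSIONS}
    return version_tuple(firmware_version) in affected


def review_accounts(accounts: list) -> list:
    """Usernames of enabled accounts whose RoleId is below Administrator."""
    return [
        acct["UserName"]
        for acct in accounts
        if acct.get("Enabled") and acct.get("RoleId") != "Administrator"
    ]


def session_bursts(entries: list, login_message_id: str,
                   window_seconds: int = 60, threshold: int = 5) -> dict:
    """Map user -> peak login count in any sliding window, for users at/over threshold.

    The username is taken from MessageArgs[0] of each login entry (assumption).
    """
    by_user = defaultdict(list)
    for entry in entries:
        if entry.get("MessageId") != login_message_id:
            continue
        args = entry.get("MessageArgs") or []
        if args:
            by_user[args[0]].append(datetime.fromisoformat(entry["Created"]))

    window = timedelta(seconds=window_seconds)
    flagged = {}
    for user, times in by_user.items():
        times.sort()
        peak, j = 0, 0
        for i, t in enumerate(times):
            while t - times[j] > window:  # slide the left edge forward
                j += 1
            peak = max(peak, i - j + 1)
        if peak >= threshold:
            flagged[user] = peak
    return flagged


# ---- Constructed sample data (not real controller output) ----
SAMPLE_MANAGER = {"Id": "iDRAC.Embedded.1", "FirmwareVersion": "1.30.05.10"}
SAMPLE_ACCOUNTS = [
    {"UserName": "root", "Enabled": True, "RoleId": "Administrator"},
    {"UserName": "monitor", "Enabled": True, "RoleId": "ReadOnly"},
    {"UserName": "oldtemp", "Enabled": True, "RoleId": "Operator"},
    {"UserName": "retired", "Enabled": False, "RoleId": "ReadOnly"},
]


def _login(ts: datetime, user: str) -> dict:
    return {"Created": ts.isoformat(), "MessageId": LOGIN_MESSAGE_ID,
            "Message": f"Login by {user}", "MessageArgs": [user]}


T0 = datetime(2026, 4, 1, 10, 0, 0, tzinfo=timezone.utc)
SAMPLE_LOG = [_login(T0 + timedelta(seconds=5 * i), "monitor") for i in range(6)]
SAMPLE_LOG += [_login(T0 + timedelta(minutes=5 * i), "oldtemp") for i in range(3)]
SAMPLE_LOG.append(_login(T0, "root"))


def triage(manager: dict, accounts: list, log_entries: list) -> dict:
    return {
        "firmware": manager["FirmwareVersion"],
        "affected": is_affected(manager["FirmwareVersion"]),
        "accounts_to_review": review_accounts(accounts),
        "login_bursts": session_bursts(log_entries, LOGIN_MESSAGE_ID),
    }


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_MANAGER, SAMPLE_ACCOUNTS, SAMPLE_LOG), indent=2))
```

On the constructed sample this reports the firmware as affected, lists `monitor` and `oldtemp` for review, and flags `monitor` with six logins inside one minute while `oldtemp`'s three logins spread over ten minutes are not flagged. The version check is deliberately an exact match against the builds the advisory names rather than a range, because the page does not state that intermediate builds are affected; treat anything not on the latest firmware as needing the upgrade regardless of what this check returns.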