Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.

CVE Database V5

Detailed information about CVE-2025-38743: CWE-805: Buffer Access with Incorrect Length Value in Dell iDRAC Service Module (iSM) affecting Dell iDRAC Service Mo

CVE-2025-38743: CWE-805: Buffer Access with Incorrect Length Value in Dell iDRAC Service Module (iSM) - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-38743: CWE-805: Buffer Access with Incorrect Length Value in Dell iDRAC Service Module (iSM)

Qilin Ransomware Gang Claims 4TB Data Breach at Nissan CBI

Source: https://hackread.com/qilin-ransomware-gang-4tb-data-breach-nissan-cbi/

The Qilin ransomware gang has publicly claimed responsibility for a significant data breach involving Nissan CBI, reportedly exfiltrating approximately 4 terabytes of data. This incident represents a ransomware attack combined with a substantial data breach, where the attackers not only encrypted systems but also extracted sensitive information, likely to be used for extortion or further malicious activities. The attack was disclosed via a Reddit post on the InfoSecNews subreddit, linking to an external news source (hackread.com). While technical details such as the attack vector, exploited vulnerabilities, or specific affected systems within Nissan CBI are not provided, the scale of data exfiltration suggests a deep compromise of corporate networks. The lack of known exploits in the wild and minimal discussion level indicates this is a recent and emerging threat. The Qilin ransomware group is known for targeting large enterprises and critical infrastructure, leveraging ransomware to disrupt operations and demanding ransom payments, often coupled with data leak threats to increase pressure on victims. The breach of 4TB of data could include intellectual property, employee information, customer data, or sensitive corporate communications, posing severe confidentiality and reputational risks to Nissan CBI.

Reddit InfoSec News

Detailed information about Qilin Ransomware Gang Claims 4TB Data Breach at Nissan CBI. Get real-time updates, technical details, and mitigation strategies.

Qilin Ransomware Gang Claims 4TB Data Breach at Nissan CBI - Live Threat Intelligence - Threat Radar | OffSeq.com

Qilin Ransomware Gang Claims 4TB Data Breach at Nissan CBI

Reddit Discussion: Qilin Ransomware Gang Claims 4TB Data Breach at Nissan CBI

Aikaan IoT management platform v3.25.0325-5-g2e9c59796 sends a newly generated password to users in plaintext via email and also includes the same password as a query parameter in the account activation URL (e.g., https://domain.com/activate=xyz). This practice can result in password exposure via browser history, proxy logs, referrer headers, and email caching. The vulnerability impacts user credential confidentiality during initial onboarding.

CVE-2025-52351 describes a security vulnerability in the Aikaan IoT management platform version v3.25.0325-5-g2e9c59796, where newly generated user passwords are transmitted insecurely during the onboarding process. Specifically, the platform sends the new password in plaintext via email and also embeds the same password as a query parameter within the account activation URL (e.g., https://domain.com/activate=xyz). This approach exposes the password to multiple attack vectors: it can be captured in email caches, intercepted by email servers or proxies, stored in browser histories, logged by intermediate proxies, and leaked through HTTP referrer headers if the activation link is clicked and the referrer is sent to third-party sites. The vulnerability compromises the confidentiality of user credentials at the critical initial stage of account setup, potentially allowing attackers to hijack accounts before users change their passwords. Although no known exploits are currently reported in the wild, the insecure transmission of passwords in URLs and emails is a well-understood risk that can be exploited by attackers with access to network traffic, email systems, or user devices. The lack of a CVSS score suggests this is a newly identified issue, but the technical details indicate a significant risk to user credential security in the affected platform.

Detailed information about CVE-2025-52351: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-52351: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-52351: n/a

Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user sign-up in distributed deployments by hiding the sign-up option on the login page UI. However, the sign-up API endpoint remains publicly accessible and functional, allowing unauthenticated users to register accounts via APIs even when the feature is disabled. This leads to authentication bypass and unauthorized access to admin portals, violating intended access controls.

CVE-2025-52352 is a vulnerability affecting the Aikaan IoT management platform version 3.25.0325-5-g2e9c59796. The platform includes a configuration option intended to disable user sign-up in distributed deployments by hiding the sign-up option on the login page user interface. However, this mitigation is incomplete because the underlying sign-up API endpoint remains publicly accessible and functional regardless of the UI configuration. This allows unauthenticated attackers to register new accounts via the API even when sign-up is supposed to be disabled. Consequently, attackers can bypass intended access controls and potentially gain unauthorized access to administrative portals or other privileged areas of the platform. This vulnerability represents an authentication bypass flaw that undermines the platform's access control mechanisms. Since the sign-up API is exposed without proper access restrictions, it can be exploited remotely without authentication or user interaction. The lack of a CVSS score indicates the vulnerability has not yet been formally scored, but the technical details suggest a significant security risk. No known exploits have been reported in the wild as of the publication date. The vulnerability arises from a design and implementation oversight where UI-level restrictions are not enforced at the API level, violating the principle of defense in depth and secure design best practices.

Detailed information about CVE-2025-52352: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-52352: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-52352: n/a

Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Detailed information about CVE-2025-38742: CWE-732: Incorrect Permission Assignment for Critical Resource in Dell iDRAC Service Module (iSM) affecting Dell iDRA