{"id":14702,"date":"2018-10-03T19:31:19","date_gmt":"2018-10-03T19:31:19","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/"},"modified":"2018-10-03T19:31:19","modified_gmt":"2018-10-03T19:31:19","slug":"you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/","title":{"rendered":"You dirty DRAC: IT bods uncover Dell server firmware security slip"},"content":{"rendered":"<div readability=\"28.279069767442\">\n<h2>Weakness not easy to leverage, but iDRAC exploit would mean game over for admins<\/h2>\n<p> <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2015\/06\/11\/christopher_lee.jpg?x=442&amp;y=293&amp;crop=1\" alt=\"Christopher Lee as Dracula\" width=\"442\" height=\"293\" class=\"article_img\"\/><\/p>\n<p>Monster from the depths of Dell &#8230; iDRACula strikes<\/p>\n<\/div>\n<div id=\"body\" readability=\"139.61261997141\">\n<p>A pair of IT professionals have uncovered a potentially serious flaw in the hardware management tools for older Dell servers.<\/p>\n<p>The upshot is that it is possible for a rogue system administrator, or someone who has obtained their network access, or miscreants in the supply chain, to reprogram vulnerable PowerEdge motherboard controllers with malicious code. This malware can survive operating system reinstallation, hard disk wiping and replacement, and motherboard BIOS rewrites. It can be virtually undetectable, and can snoop on and tamper with whatever happens on the compromised machine.<\/p>\n<p>In order to exploit this, an attacker has to be determined, and has to have extraordinary access, either internally as a data center administrator or has to get their hands physically on the hardware at some point, either on site or while shipping it from the factory to the customer. As such, it is not a world-ending bug. However, it&#8217;s something to consider, at least, especially if you&#8217;re handling valuable corporate secrets.<\/p>\n<p>Here are the details: Jon Sands and Adam Nielsen discovered and <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.servethehome.com\/idracula-vulnerability-impacts-millions-of-legacy-dell-emc-servers\">reported via Serve The Home<\/a> a bug dubbed iDRACula because it involves Dell&#8217;s <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.dell.com\/support\/contents\/us\/en\/04\/article\/product-support\/self-support-knowledgebase\/enterprise-resource-center\/systemsmanagement\/idrac\">iDRAC<\/a> service. iDRAC is software that runs on the baseband management controller (BMC) inside a PowerEdge system independent of whatever hypervisor, operating system, and applications are running.<\/p>\n<p>It has full control over the hardware. Administrators can connect over the network to a server&#8217;s iDRAC to diagnose and fix up any problems. It&#8217;s a lot easier to fire up a web browser, and remotely power cycle the box or reinstall its OS, than locate, pull out, repair, and re-rack a system by hand, for instance.<\/p>\n<p>The weakness is said to be present in 12th and 13th Dell EMC PowerEdge generations. The latest machines, 14th-gen and up, are not vulnerable because they introduced a root-of-trust in the BMC processor, meaning only Dell-authorized code can run on the controller, and not junk injected by hackers.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2016\/08\/04\/sstock_server_room.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"Two execs in a server room. Has to have happened some time heh. Photo by Shutterstock\"\/><\/p>\n<h2 title=\"Remote management a double-edged sword, IT admins warned at hacking conference\">Can we talk about the little backdoors in data center servers, please?<\/h2>\n<p><a href=\"https:\/\/www.theregister.co.uk\/2018\/08\/10\/data_center_hacking\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>Essentially, on a vulnerable box, an attacker can downgrade the iDRAC firmware from version 8 to an older version that has a known vulnerability in it, and exploit this to gain root access to the small instance of Linux running on the BMC. This can be leveraged to smuggle whatever malware is needed into the iDRAC firmware storage. Then, the hacker can upgrade the software to the previous version, keeping the spyware intact. To system administrators, the box appears to be normal, and there&#8217;s no sign of dodgy code running on the BMC.<\/p>\n<p>In other words, there&#8217;s nothing stopping people from downgrading the firmware to a known vulnerable version, and nothing stopping them from installing modified firmware. If this can&#8217;t be done remotely, it is possible to do this physically: popping open the lid, and reprogramming the iDRAC firmware storage chip with arbitrary code. The BMC processor doesn&#8217;t check to see if the iDRAC code is fully legit and untampered with or not. With the 14th-generation and onwards, running iDRAC version 9, a root-of-trust is used to ensure bad stuff isn&#8217;t executed, because it won&#8217;t be digitally signed off by Dell.<\/p>\n<h3 class=\"crosshead\"><span>Come on folks, put some effort in<\/span><\/h3>\n<p>Dell stressed this is difficult to exploit in practice.<\/p>\n<p>&#8220;We were made aware by the individual of potential Dell EMC iDRAC vulnerabilities,&#8221; a Dell spokesperson told <em>El Reg<\/em> this week.<\/p>\n<p>&#8220;Applied remotely, with administrative rights for iDRAC, he had downloaded an older firmware version with a known vulnerability and created root user access. This known vulnerability has already been addressed in subsequent firmware releases. The second potential vulnerability was through direct physical access with short circuit jumper cables.<\/p>\n<p>&#8220;These potential vulnerabilities require either physical access or current (and valid) administrative rights. Additionally, these are not applicable to Dell EMC iDRAC9 and 14th generation PowerEdge servers, Dell EMC\u2019s latest offering which became available in mid-2017. We always recommend our customers maintain up-to-date iDRAC firmware and isolate the management network with technologies, such as firewalls, and limit access to authorized server administrators only.&#8221;<\/p>\n<p>The report also brings up an interesting point about physical access. While an outside attacker would have a hard time getting into a server room to tamper with a machine, a rogue company insider or dodgy person in the supply and distribution chain could find the opportunity to rewrite the firmware in such a way to silently and secretly spy on the machine.<\/p>\n<p>This is not the first time the security of server BMCs have been called into question. Last month, researchers discovered <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/2018\/09\/07\/supermicro_bmcs_hole\/\">similar vulnerabilities<\/a> in the BMC hardware used in Supermicro servers, prompting the company to release an update. \u00ae<\/p>\n<p class=\"wptl btm\"><span>Sponsored:<\/span> <a href=\"https:\/\/go.theregister.co.uk\/tl\/1787\/-6625\/following-bottomlines-journey-to-the-hybrid-cloud?td=wptl1787\">Following Bottomline\u2019s journey to the Hybrid Cloud<\/a><\/p>\n<\/div>\n<p>READ MORE <a href=\"http:\/\/go.theregister.com\/feed\/www.theregister.co.uk\/2018\/10\/03\/idrac_dell_server_firmware\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Weakness not easy to leverage, but iDRAC exploit would mean game over for admins A pair of IT professionals have uncovered a potentially serious flaw in the hardware management tools for older Dell servers.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":14703,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-14702","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>You dirty DRAC: IT bods uncover Dell server firmware security slip 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"You dirty DRAC: IT bods uncover Dell server firmware security slip 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-10-03T19:31:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/10\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"442\" \/>\n\t<meta property=\"og:image:height\" content=\"293\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"You dirty DRAC: IT bods uncover Dell server firmware security slip\",\"datePublished\":\"2018-10-03T19:31:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/\"},\"wordCount\":825,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/10\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/\",\"name\":\"You dirty DRAC: IT bods uncover Dell server firmware security slip 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/10\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg\",\"datePublished\":\"2018-10-03T19:31:19+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/10\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/10\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg\",\"width\":442,\"height\":293},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"You dirty DRAC: IT bods uncover Dell server firmware security slip\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"You dirty DRAC: IT bods uncover Dell server firmware security slip 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/","og_locale":"en_US","og_type":"article","og_title":"You dirty DRAC: IT bods uncover Dell server firmware security slip 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-10-03T19:31:19+00:00","og_image":[{"width":442,"height":293,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/10\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"You dirty DRAC: IT bods uncover Dell server firmware security slip","datePublished":"2018-10-03T19:31:19+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/"},"wordCount":825,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/10\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/","url":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/","name":"You dirty DRAC: IT bods uncover Dell server firmware security slip 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/10\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg","datePublished":"2018-10-03T19:31:19+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/10\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/10\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip.jpg","width":442,"height":293},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/you-dirty-drac-it-bods-uncover-dell-server-firmware-security-slip\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"You dirty DRAC: IT bods uncover Dell server firmware security slip"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/14702","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=14702"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/14702\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/14703"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=14702"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=14702"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=14702"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}