Dell Firmware Updates (MINDBREEZE37610)

ID: MINDBREEZE37610
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS
Severity: 7.2 High
Status: Final
First published: December 12, 2025
CVEs: CVE-2025-20067 CVE-2025-20613 CVE-2025-22853 CVE-2025-21096 CVE-2025-20053 CVE-2025-21090 CVE-2025-24305 CVE-2025-20109 CVE-2025-20044 CVE-2025-26482 CVE-2025-22397

Summary

observable timing discrepancy in firmware for Intel® CSME and Intel® SPS
Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for Intel® TDX
Improper synchronization in the firmware for Intel® TDX
Improper buffer restrictions in the firmware for Intel® TDX
Improper buffer restrictions for Intel® Xeon® Processor firmware with SGX enabled
Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel® Xeon® processors
Missing reference to active allocated resource for some Intel® Xeon® processors
Dell iDRAC: arbitrary file export

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:

Mindbreeze InSpire 25.7 Release
Mindbreeze InSpire SaaS 25.7 Release

Dell Firmware Updates (MINDBREEZE37610)

Summary

Social Media

Security

Support

Newsletter

Language