RSA Authentication Manager Availability of Firmware Updates to Address iDRAC Vulnerabilities 

Document created by RSA Product Team Employee on May 7, 2018Last modified by RSA Product Team Employee on May 7, 2018
Version 2Show Document
  • View in full screen mode


Dell EMC has identified vulnerabilities in the iDRAC management platform on Dell PowerEdge servers, including two which are used as platforms for the RSA Authentication Manager hardware appliance. The following Dell EMC advisory discusses this issue:


Vulnerability Details for iDRAC7/iDRAC8/iDRAC9 - Advisory

Dell EMC Whitepaper:


Affected Products:

  • RSA SecurID Hardware Appliance Model 130 based on the Dell PowerEdge R230
  • RSA SecurID Hardware Appliance Model 250 based on the Dell PowerEdge R630


RSA recommends that customers using the Dell PowerEdge R230 and Dell PowerEdge R630 hardware platform apply the firmware patch for iDRAC8. To determine your hardware platform, see the following Knowledgebase article: 

000036316 - How to determine the RSA Authentication Manager 8.x hardware platform 


iDRAC with Lifecycle Controller


Patch Info:

The following web page includes installation instructions and other information:


Patch Download:

Download the Windows self-extracting executable version of the patch:


The download contains a text document with installation instructions and the firmimg.d7 file.  Please read and follow all of the documented instructions and precautions. The update is installed by opening the iDRAC and passing the firming.d7 file as input to the iDRAC's "Update and Rollback" page.


For RSA Authentication Manager documentation, downloads, and more, visit the RSA SecurID Access page on RSA Link.


EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.