Advisory No: TZCERT/SA/2024/08/07-3
Date of First Release: 07th August 2024
Source: Dell
Software Affected: Dell Avamar, Dell NetWorker Virtual Edition (NVE), Dell PowerProtect DP Series Appliance, Dell Protection Advisor, Dell XtremIO X2, Dell PowerProtect DD, Dell PowerStore X
Overview:
Dell products are vulnerable to multiple critical vulnerabilities. Exploitation of these vulnerabilities may allow attackers to execute arbitrary code on affected devices.
Description:
Multiple third-party components running on Dell Avamar, Dell NetWorker Virtual Edition (NVE), Dell PowerProtect DP Series Appliance, Dell Protection Advisor, Dell XtremIO X2, Dell PowerProtect DD, and Dell PowerStore X are vulnerable to critical vulnerabilities. The vulnerabilities in these components may be exploited by the attackers to compromise the affected system.
Impact:
Successful exploitation of these vulnerabilities may allow the attackers to take control of the affected system.
Solution:
Dell has released security patches for these vulnerabilities. Users and administrators are encouraged to apply necessary updates.
References:
- https://www.dell.com/support/kbdoc/en-us/000227573/dsa-2024-348-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000227571/dsa-2024-347-security-update-for-data-protection-advisor-for-multiple-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000227569/dsa-2024-008-security-update-for-dell-xtremio-x2-multiple-component-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000227304/dsa-2024-314-security-update-for-dell-powerprotect-dd-idrac9-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000227490/dsa-2024-336-dell-powerstore-x-security-update-for-multiple-vulnerabilities