Critical Vulnerabilities Affecting Multiple Dell Products

Advisory No: TZCERT/SA/2024/08/07-3

Date of First Release: 07^th August 2024

Source: Dell

Software Affected: Dell Avamar, Dell NetWorker Virtual Edition (NVE), Dell PowerProtect DP Series Appliance, Dell Protection Advisor, Dell XtremIO X2, Dell PowerProtect DD, Dell PowerStore X

Overview:

Dell products are vulnerable to multiple critical vulnerabilities. Exploitation of these vulnerabilities may allow attackers to execute arbitrary code on affected devices.

Description:

Multiple third-party components running on Dell Avamar, Dell NetWorker Virtual Edition (NVE), Dell PowerProtect DP Series Appliance, Dell Protection Advisor, Dell XtremIO X2, Dell PowerProtect DD, and Dell PowerStore X are vulnerable to critical vulnerabilities. The vulnerabilities in these components may be exploited by the attackers to compromise the affected system.

Impact:

Successful exploitation of these vulnerabilities may allow the attackers to take control of the affected system.

Solution:

Dell has released security patches for these vulnerabilities. Users and administrators are encouraged to apply necessary updates.

References:

1. https://www.dell.com/support/kbdoc/en-us/000227573/dsa-2024-348-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities
2. https://www.dell.com/support/kbdoc/en-us/000227571/dsa-2024-347-security-update-for-data-protection-advisor-for-multiple-vulnerabilities
3. https://www.dell.com/support/kbdoc/en-us/000227569/dsa-2024-008-security-update-for-dell-xtremio-x2-multiple-component-vulnerabilities
4. https://www.dell.com/support/kbdoc/en-us/000227304/dsa-2024-314-security-update-for-dell-powerprotect-dd-idrac9-vulnerabilities
5. https://www.dell.com/support/kbdoc/en-us/000227490/dsa-2024-336-dell-powerstore-x-security-update-for-multiple-vulnerabilities