Multiple critical vulnerabilities affecting Dell EMC Avamar, Dell Protection Advisor, Dell VxRail, and Dell RecoverPoint

Advisory No: TZCERT/SA/2024/07/26-5

Date of First Release: 26^th July 2024

Source: Dell

Software Affected: Dell EMC, Dell Protection Advisor, Dell VxRail, Dell RecoverPoint

Overview:

Dell products are vulnerable to multiple critical vulnerabilities. Exploitation of these vulnerabilities may allow attackers to execute arbitrary code on affected devices.

Description:

Multiple third-party components running on Dell EMC Avamar, Dell Protection Advisor, and Dell VxRail, Dell RecoverPoint are vulnerable to critical vulnerabilities. The vulnerabilities in these components may be exploited by the attackers to compromise the affected system.

Impact:

Successful exploitation of these vulnerabilities may allow the attackers to take control of the affected system.

Solution:

Dell has released security patches for these vulnerabilities. Users and administrators are encouraged to apply necessary updates.

References:

1. https://www.dell.com/support/kbdoc/en-us/000180921/dsa-2020-266-dell-emc-avamar-security-update-for-multiple-components
2. https://www.dell.com/support/kbdoc/en-us/000227136/dsa-2024-053-security-update-for-data-protection-advisor-multiple-third-party-component-vulnerabilities
3. https://www.dell.com/support/kbdoc/en-us/000226716/dsa-2024-288-security-update-for-dell-vxrail-7-0-521-multiple-third-party-component-vulnerabilities
4. https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities