Dell Product Security Update Advisory

Overview

Dell has released security updates to fix vulnerabilities in its products. Users of affected products are advised to update to the latest version.

 

Affected Products

 

CVE-2024-48837, CVE-2024-49557, CVE-2024-49558, CVE-2024-49560

  • Dell Networking OS10 Version: 10.5.6.x
  • Dell Networking OS10 Version: 10.5.5.x
  • Dell Networking OS10 Version: 10.5.4.x

 

 

Resolved Vulnerabilities

 

Execution with unnecessary privileges vulnerability that could allow a low-privileged local attacker to execute commands (CVE-2024-48837)

Command injection vulnerability that could allow a low-privileged local attacker to execute code (CVE-2024-49557)

Improper privilege management vulnerability that could allow a low-privileged local attacker to escalate privileges (CVE-2024-49558)

Command injection vulnerability that could allow a low-privileged local attacker to execute commands (CVE-2024-49560)

 

Vulnerability Patches

Vulnerability patches are available in the latest updates. Follow the instructions on the referenced site to update to the latest patched version.

 

CVE-2024-48837, CVE-2024-49557, CVE-2024-49558, CVE-2024-49560

  • Dell Networking OS10 Version: 10.5.6.6
  • Dell Networking OS10 Version: 10.5.5.12
  • Dell Networking OS10 Version: 10.5.4.13

 

 

References

[1] DSA-2024-425: Security Update for Dell Networking OS10 Vulnerabilities

https://www.dell.com/support/kbdoc/ko-kr/000247217/dsa-2024-425-security-update-for-dell-networking-os10-vulnerabilities