Security Advisory

Dell Product Security Update Advisory

  • Aug 06 2025
Dell Product Security Update Advisory

Overview

 

We have released security updates to fix vulnerabilities in Dell products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-38739

 

Dell Digital Delivery Version: 5.6.1.0 and earlier

 

CVE-2025-38741

 

Dell Enterprise SONiC Distribution Version: 4.5.0

 

Cve-2025-36604, cve-2025-36606, cve-2025-36607

 

Dell Unity Version: 5.5.1 and earlier

 

CVE-2025-26476

 

ECS Version: Less than 3.8.1.5
ObjectScale Version: Less than 4.0.0.0

 

Resolved Vulnerabilities

 

Insufficient Credential Protection Vulnerability in Dell Digital Delivery (CVE-2025-38739)
Cryptographic key vulnerability in SSH in Dell Enterprise SONiC Distribution (CVE-2025-38741)
OS Command Injection Vulnerability in Dell Unity (CVE-2025-36604)
OS Command Injection Vulnerability in svc_nfssupport in Dell Unity (CVE-2025-36606)
OS Command Injection Vulnerability in svc_nas in Dell Unity (CVE-2025-36607)
Hardcoded Cryptographic Key Usage Vulnerability in Dell ECS and ObjectScale (CVE-2025-26476)

 

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

 

CVE-2025-38739

 

Dell Digital Delivery version: 5.6.1.0 or later

 

CVE-2025-38741

 

Dell Enterprise SONiC Distribution Version: 4.5.0a

 

Cve-2025-36604, cve-2025-36606, cve-2025-36607

 

Dell Unity Version: 5.5.1 or later

 

CVE-2025-26476

 

ECS Version: 3.8.1.5 or later
ObjectScale Version: 4.0.0.0 or later

 

 

References

 

[1] DSA-2025-302: Security Update for Dell Digital Delivery for an Insufficiently Protected Credentials Vulnerability
https://www.dell.com/support/kbdoc/en-us/000349489/dsa-2025-302
[2] DSA-2025-275: Security Update for Dell Enterprise SONiC Distribution Vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000340083/dsa-2025-275-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities
[3] DSA-2025-281: Security Update for Dell Unity, Dell UnityVSA and Dell Unity XT Security Update for Multiple Vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities
[4] DSA-2025-154: Security Update for Dell ECS and ObjectScale Use of Hard-coded SSH Cryptographic Key Vulnerability
https://www.dell.com/support/kbdoc/en-us/000339134/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability

Tags:
Previous Post

Next Post