December 14, 2023 at 07:18AM
Several serious vulnerabilities have been found in Dell’s PowerProtect products, impacting various appliances and potentially allowing attackers to execute malicious code, steal information, and gain control of systems. Dell is urging customers to review and implement security measures outlined in the DSA-2023-412 advisory and emphasizes the importance of product security and protection for customers.
Based on the meeting notes, Dell has issued a security advisory urging its customers to review and implement remediation steps for a series of potentially serious vulnerabilities impacting its PowerProtect products. These vulnerabilities include a DOM-based cross-site scripting issue, command injection and access control flaws, and medium-severity bugs that may allow bypassing security restrictions and the exploitation of the system. Dell has emphasized the importance of promptly implementing the remediation steps outlined in the Dell Security Advisory (DSA-2023-412) to ensure the security of the affected products. Dell stated that it has worked quickly to address the vulnerabilities and is not currently aware of any active exploitation. However, it is noted that Dell product vulnerabilities have been exploited by sophisticated threat actors in the past. Additionally, Dell has recently informed customers about vulnerabilities in other products, such as PowerEdge Server BIOS and PowerMax, as well as vulnerabilities impacting third-party components of VxRail Manager.