Multiple Dell PowerProtect Vulnerabilities Let Attackers Compromise System 

Dell Technologies has disclosed multiple critical vulnerabilities affecting its PowerProtect product line, including Data Domain (DD) appliances, PowerProtect Management Center, and other associated systems. 

These vulnerabilities, if exploited, could allow attackers to compromise system integrity, escalate privileges, or execute arbitrary code. 

Organizations relying on these systems for data protection and recovery are urged to take immediate action to mitigate the risks.

Key Vulnerabilities and Technical Details

The vulnerabilities cover a wide spectrum of critical issues defined by their Common Vulnerabilities and Exposures (CVE) identifiers. 

The vulnerabilities have been assigned critical CVSS scores ranging from 8.6 to 9.8 due to their potential impact on confidentiality, integrity, and availability. 

Attack vectors include local privilege escalation and remote code execution. Some flaws require low privileges or no user interaction for exploitation, making them particularly dangerous.

The most critical vulnerabilities include:

• CVE-2024-33871

 An arbitrary code execution vulnerability in Artifex Ghostscript before version 10.03.1. Attackers can exploit this flaw to execute malicious code remotely, potentially taking full control of the system.

• CVE-2024-41110

This vulnerability affects Docker’s Moby project and involves improper handling of API requests when authorization plugins are enabled. Exploitation could lead to privilege escalation under specific configurations.

• CVE-2024-38428

Found in GNU Wget up to version 1.24.5, this vulnerability stems from improper URI parsing, enabling phishing attacks, man-in-the-middle (MiTM) exploits, and potential malware installation.

• CVE-2024-24790

A flaw in Golang’s net/netip package causes improper validation of IPv4-mapped IPv6 addresses, which could lead to integrity loss or unauthorized actions.

• CVE-2024-37371

A denial-of-service (DoS) vulnerability in MIT Kerberos 5 (krb5), caused by invalid memory reads during GSS token handling. This can disrupt system availability when exploited.

• CVE-2024-24577

A critical heap corruption issue in the libgit2 library allows attackers to overwrite memory and execute arbitrary code. libgit2 is a portable C implementation of the Git core methods that comes as a linkable library with a strong API, allowing you to integrate Git functionality into your program.

• CVE-2018-6913

A heap-based buffer overflow in Perl’s pack function before 5.26.2 allows context-dependent attackers to execute arbitrary code using a large item count.

Impacted Systems

Dell PowerProtect products affected by these vulnerabilities include:

• PowerProtect Data Domain (DD) appliances
• PowerProtect DP Series
• PowerProtect Management Center
• APEX Protection Storage

Specific software versions impacted include DDOS versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20

Dell has released patches and updates addressing these vulnerabilities:

• Upgrade to the latest secure versions of DDOS (8.3.0.0 or later), as well as other recommended firmware updates.
• Implement network segmentation and access controls to limit exposure.
• Monitor systems for unusual activity that may indicate exploitation attempts.

These vulnerabilities highlight the increasing sophistication of cyber threats targeting enterprise-grade data protection systems like Dell PowerProtect DD appliances, which are integral to managing sensitive data at scale.

Organizations failing to address these issues risk severe consequences such as data breaches, service disruptions, or ransomware attacks.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

The post Multiple Dell PowerProtect Vulnerabilities Let Attackers Compromise System  appeared first on Cyber Security News.