Backup appliance PowerProtect DD from Dell as a gateway for attackers
The developers at Dell have closed several security gaps in the latest versions of PowerProtect DD.
(Image: Alfa Photo/Shutterstock.com)
Dell's PowerProtect DD backup appliance is actually designed to increase reliability in the event of cyberattacks. However, due to several software vulnerabilities, attackers can now attack systems. Secured versions are available for download.
The security risks
Accordingto a warning message, the vulnerabilities can be found in various components that PowerProtect DD uses. Of these, nine vulnerabilities (CVE-2022-1996, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2024-23652, CVE-2024-23653, CVE-2019-14889, CVE-2022-29361 ) are classified as"critical". In addition to current vulnerabilities, the security patches also close older vulnerabilities.
The vulnerabilities affect Apache Tomcat, curl and OpenSSL, among others. If attackers exploit a vulnerability (CVE-2024-23652 "critical") in Buildkit, for example, they can manipulate files. A vulnerability (CVE-2023-51257"high") in Jasper allows malicious code to reach systems.
Videos by heise
In addition, attackers can bypass authentication (component containerd CVE-2022-1996"critical") or view data that is actually encrypted in plain text (component curl CVE-2023-23914"critical").
Patch now!
Even if Dell is not currently warning of attacks, admins should update PowerProtect DD to the latest version as soon as possible. The developers state that they have solved the security problems in versions 7.10.1.40, 7.13.1.10, 7.7.5.50 and 8.1.0.0. The computer manufacturer lists the specific versions under threat in an article.
Unfortunately, the warning does not provide any information on how admins can recognize appliances that have already been successfully attacked.
(des)
