Dell SmartFabric OS10: Attackers can execute malicious code
Dell's network operating system SmartFabric OS10 is vulnerable. Attackers can exploit several software vulnerabilities.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
Five security vulnerabilities jeopardize Dell SmartFabric OS10. In the worst case, attackers can execute malicious code and compromise networks.
To counteract this, the developers have closed the gaps (CVE-2024-48837"high", CVE-2024-48838"low", CVE-2024-49557"high", CVE-2024-49558"high", CVE-2024-49560"high") in versions 10.5.4.13, 10.5.5.12 and 10.5.6.6 of the network operating system. This is the result of a warning message.
Attacks on networks possible
If admins do not install the security updates, attackers can exploit the vulnerabilities and gain higher user rights or even execute malicious code. However, according to the description of the vulnerabilities, they must already have low rights and local access. The developers are not currently explaining how specific attacks could take place.
Videos by heise
So far, Dell has not issued any warnings about attacks. However, network admins should not put off installing the security updates.
(des)
