heise PlusAbo
Anzeige

Dell's cloud storage solutions ECS and ObjectScale compromised by multiple flaws

Attackers can exploit multiple security vulnerabilities in Dell ECS and ObjectScale. Updates close the vulnerabilities.

listen Print view
A symbolic update button on a keyboard.

(Image: Shutterstock)

1 min. read
Security
By

Dell's cloud storage solutions, Elastic Cloud Storage (ECS) and ObjectScale, are vulnerable to a total of nine software vulnerabilities. If attacks are successful, attackers can gain higher user privileges, among other things.

Various attacks possible

Further details on the security vulnerabilities can be found in an advisory. Four of these affect third-party components, such as jacksone-core (CVE-2025-52999 “high”). The remaining vulnerabilities (e.g., CVE-2026-22273 “high” and CVE-2026-22271 “high”) impact the applications directly. In these two cases, however, attackers must already be authenticated to initiate attacks. If this is the case, information can leak or attackers can gain higher user privileges.

The developers state that they have closed the vulnerabilities in version 4.2.0.0. So far, there are no reports of ongoing attacks.

Videos by heise

Recently, the computer manufacturer repaired its NAS operating system, PowerScale OneFS.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten