Dell's Data Protection Advisor backup solution vulnerable to multiple attacks
Dell has closed several security vulnerabilities in Data Protection Advisor. Malicious code can get onto systems.
![Stylized image: A stack of burning appliances](https://heise.cloudimg.io/width/610/q85.png-lossy-85.webp-lossy-85.foil1/_www-heise-de_/imgs/18/4/6/3/8/5/5/5/2024-04-04-Bing_Designer-Appliances-2160px-9526062eac125400.png)
Vulnerabilities threaten appliances.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
Admins who use Dell's Data Protection Advisor for backups should update the application promptly. The PC manufacturer has solved several security problems in a current version.
Secured version available
According to a warning message, the developers have closed ten older vulnerabilities dating back to 2013. This affects the iText and Xstream components. Overall, Dell classifies the impact of successful attacks as"critical".
If attacks succeed, attackers can execute malicious code (e.g. CVE-2013-7285"critical", CVE-2019-10173"high"). Only versions 19.8, 19.9 and 19.10 are at risk. Version 19.11 is said to have been repaired.
(des)