Monday, December 23, 2024
HomeCVE/vulnerabilityDell Enterprise SONiC Flaw Let Attackers Hijack the System

Dell Enterprise SONiC Flaw Let Attackers Hijack the System

Published on

SIEM as a Service

Dell Technologies has disclosed multiple critical security vulnerabilities in its Enterprise SONiC OS, which could allow attackers to gain control of affected systems.

These vulnerabilities, identified through the Common Vulnerabilities and Exposures (CVE) system, are critical and affect Dell Enterprise SONiC OS versions 4.1.x and 4.2.x.

Dell urges users to upgrade their systems immediately to the remediated versions to mitigate potential risks.

- Advertisement - SIEM as a Service

Attend a Free Webinar on How to Maximize Cybersecurity Program ROI

CVE-2024-45763: OS Command Injection Vulnerability

Dell Enterprise SONiC OS, in versions 4.1.x and 4.2.x, contains an improper neutralization of special elements used in OS commands, also known as an OS Command Injection vulnerability, CVE-2024-45763.

A highly privileged attacker with remote access could exploit this flaw to execute arbitrary commands on the affected system.

  • CVSS Base Score: 9.1 (Critical)
  • CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

This vulnerability allows a high-privilege attacker to execute system-level commands remotely, potentially leading to a complete system takeover. Dell recommends immediate upgrades to prevent exploitation.

CVE-2024-45764: Missing Critical Step in Authentication

CVE-2024-45764 vulnerability affects Dell Enterprise SONiC OS versions 4.1.x and 4.2.x. An unauthenticated attacker with remote access could exploit a missing critical step in the authentication process, bypassing protection mechanisms and gaining unauthorized access to the system.

  • CVSS Base Score: 9.0 (Critical)
  • CVSS Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

This vulnerability poses a significant risk as it could allow attackers to bypass key authentication protocols, potentially leading to unauthorized access and further exploitation.

CVE-2024-45765: OS Command Injection Vulnerability

Like CVE-2024-45763, this vulnerability, CVE-2024-45765, involves improperly neutralizing particular elements in OS commands.

However, CVE-2024-45765 allows high-privilege OS commands to be executed by users with less privileged roles, increasing the risk of system compromise.

  • CVSS Base Score: 9.1 (Critical)
  • CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Dell recommends immediate upgrades to versions that address these vulnerabilities, as they could allow attackers to perform unauthorized actions on the system.

Affected Products & Remediation

ProductAffected VersionsRemediated Versions
Dell Enterprise SONiC DistributionVersions before 4.2.24.1.6
Dell Enterprise SONiC DistributionVersions prior to 4.2.24.2.2

Customers using the affected versions are strongly encouraged to upgrade to the remediated versions (4.1.6 or 4.2.2) as soon as possible to avoid potential exploits.

Dell Technologies advises customers to consider both the CVSS base score and relevant temporal and environmental factors when assessing the severity of these vulnerabilities.

Given the critical nature of these flaws, prompt updates are necessary to safeguard sensitive systems from exploitation.

Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

17M Patient Records Stolen in Ransomware Attack on Three California Hospitals

A staggering 17 million patient records, containing sensitive personal and medical information, have been...

WhatsApp Wins NSO in Pegasus Spyware Hacking Lawsuit After 5 Years

After a prolonged legal battle stretching over five years, WhatsApp has triumphed over NSO...

PentestGPT – A ChatGPT Powered Automated Penetration Testing Tool

GBHackers come across a new ChatGPT-powered Penetration testing Tool called "PentestGPT" that helps penetration...

Threat Actors Selling Nunu Stealer On Hacker Forums

A new malware variant called Nunu Stealer is making headlines after being advertised on underground hacker...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

17M Patient Records Stolen in Ransomware Attack on Three California Hospitals

A staggering 17 million patient records, containing sensitive personal and medical information, have been...

WhatsApp Wins NSO in Pegasus Spyware Hacking Lawsuit After 5 Years

After a prolonged legal battle stretching over five years, WhatsApp has triumphed over NSO...

Threat Actors Selling Nunu Stealer On Hacker Forums

A new malware variant called Nunu Stealer is making headlines after being advertised on underground hacker...