Saturday, December 7, 2024
Homecyber securityDell Wyse Management Suite Vulnerabilities Let Attackers Exploit Affected Systems Remotely

Dell Wyse Management Suite Vulnerabilities Let Attackers Exploit Affected Systems Remotely

Published on

SIEM as a Service

Dell Technologies has released a security update for its Wyse Management Suite (WMS) to address multiple vulnerabilities that could allow malicious users to compromise affected systems.

Wyse Management Suite is a flexible hybrid cloud solution that empowers IT admin to securely manage Dell client devices from anywhere.

The vulnerabilities identified in Dell Wyse Management Suite are categorized as “High” in terms of severity, as they could enable attackers to bypass authentication mechanisms, delete arbitrary files, or cause a denial of service.

- Advertisement - SIEM as a Service

These weaknesses could potentially compromise the security and functionality of the affected systems.

Details of the Vulnerabilities

Several vulnerabilities have been identified in the Wyse Management Suite (WMS) version 4.4 and earlier.

Notably, CVE-2024-7553 is a third-party component vulnerability affecting MongoDB, which is utilized within WMS. For comprehensive details on this CVE, please refer to the National Vulnerability Database (NVD).

In addition to the third-party issue, there are multiple proprietary code vulnerabilities:

CVE-2024-49595 addresses an Authentication Bypass by Capture-Replay. This vulnerability affects WMS versions 4.4 and prior, allowing a high-privileged attacker with remote access to exploit the system, potentially leading to a denial of service. It has a CVSS score of 7.6 (High).

CVE-2024-49597 involves the Improper Restriction of Excessive Authentication Attempts. Also impacting WMS 4.4 and earlier versions, this vulnerability could enable a high-privileged attacker to bypass protection mechanisms. It carries a CVSS score of 7.6 (High) and shares the same vector as CVE-2024-49595.

CVE-2024-49596 pertains to Missing Authorization. Exploitation of this vulnerability in WMS 4.4 and prior versions could lead to denial of service and arbitrary file deletion. It has a CVSS score of 5.9 (Medium).

Dell advises that customers consider not only the CVSS base scores but also any relevant temporal and environmental scores to assess the potential severity of each vulnerability in their specific deployment environment.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Affected Products and Remediation

Dell has identified the following products and provided remediation details:

CVE IDs AddressedProductAffected VersionsRemediated VersionsRelease Date
CVE-2024-7553
CVE-2024-49595, CVE-2024-49597, CVE-2024-49596
Dell Wyse Management SuiteVersions 4.4 and prior4.4.1 or laterNovember 25, 2024
CVE-2024-49596Dell Wyse Management Suite RepositoryVersions 4.4 and prior4.4.1 or laterNovember 25, 2024

Action Recommended: Upgrade to WMS version 4.4.1 or later to address all identified vulnerabilities.

Workarounds and Mitigations

None available. Dell strongly advises applying the update, as no workarounds or mitigations exist for the identified vulnerabilities.

Dell Technologies extends its gratitude to the individuals and organizations that responsibly disclosed the recently identified vulnerabilities.

Specifically, CVE-2024-49596 was reported by Ahmed Y. Elmogy, and CVE-2024-49595 was identified by Harm Blankers, Jasper Westerman, and Yanick de Pater from REQON B.V. Their contributions have been invaluable in enhancing the security and integrity of our products.

Analyze cyber threats with ANYRUN's powerful sandbox. Black Friday Deals : Get up to 3 Free Licenses.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...