Dell Enterprise SONiC Vulnerabilities Let Attackers Compromise The System

Dell Technologies has disclosed three critical security vulnerabilities affecting its Enterprise SONiC (Software for Open Networking in the Cloud) operating system. These vulnerabilities could allow attackers to compromise affected systems.

The vulnerabilities, identified as CVE-2024-45763, CVE-2024-45764, and CVE-2024-45765, impact Dell Enterprise SONiC OS versions 4.1.x and 4.2.x.

The first vulnerability, CVE-2024-45763, is an OS Command Injection flaw with a CVSS score of 9.1. It allows a high-privileged attacker with remote access to execute arbitrary commands on the system.

CVE-2024-45764, with a CVSS score of 9.0, is a Missing Critical Step in Authentication vulnerability. This flaw enables an unauthenticated attacker with remote access to bypass protection mechanisms.

Attend a Free Webinar on How to Maximize Cybersecurity Program ROI

The third vulnerability, CVE-2024-45765, is another OS Command Injection flaw with a CVSS score of 9.1. It allows high-privilege OS commands to be executed with a less-privileged role.

These vulnerabilities pose a significant threat to network security. Successful exploitation could lead to unauthorized access, command execution, and potential full system compromise.

The high CVSS scores indicate the critical nature of these flaws.

Dell has released security updates to address these vulnerabilities. Affected products include:

• Dell Enterprise SONiC Distribution versions prior to 4.1.6
• Dell Enterprise SONiC Distribution versions prior to 4.2.2

To mitigate the risk, users are strongly advised to upgrade to version 4.1.6 or 4.2.2.

Given the critical nature of these vulnerabilities, Dell recommends that customers upgrade their systems as soon as possible.

Organizations should implement strong network segmentation and access controls to limit remote access to affected systems in the interim.

Security researchers from QI-ANXIN’s TIANGONG Team discovered and reported two of the vulnerabilities to Dell, demonstrating the importance of responsible disclosure in maintaining cybersecurity.

As of now, there is no evidence of active exploitation of these vulnerabilities. However, the potential for attacks remains high, and administrators should act swiftly to secure their networks.

This incident underscores the ongoing importance of prompt patching and vigilant security practices in enterprise networking environments.

As threats continue to evolve, staying current with security updates remains critical to maintaining robust network defenses.

Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!