DSA-2025-390: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities

Oversigt: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Denne artikel gælder for Denne artikel gælder ikke for Denne artikel er ikke knyttet til et bestemt produkt. Det er ikke alle produktversioner, der er identificeret i denne artikel.
Udforsk andre ressourcer

Virkning

Critical

Oplysninger

Third-Party Component CVE More Information
Apache2 CVE-2024-42516, CVE-2024-43204, CVE-2024-47252, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-47947, CVE-2025-48866, CVE-2025-54571 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Boost CVE-2016-9840 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
commons CVE-2025-48976, CVE-2025-48924 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
coreutils-8.32-150400.9.9.1 CVE-2025-5278 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libcurl CVE-2024-6874, CVE-2025-0665, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2025-10148 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
docker CVE-2025-0495, CVE-2025-22872, CVE-2025-54388 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
esapi CVE-2025-5878 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
exim CVE-2024-39929 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
glib2 CVE-2025-4373, CVE-2025-6052 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2025-8058 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
gpg2 CVE-2025-30258 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
grub2 CVE-2024-56738 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
iputils CVE-2025-48964 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libjq1 CVE-2024-23337, CVE-2025-48060 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
kernel CVE-2023-52888, CVE-2023-53146, CVE-2023-53324, CVE-2023-53325, CVE-2023-53328, CVE-2023-53331, CVE-2023-53333, CVE-2023-53336, CVE-2023-53338, CVE-2023-53339, CVE-2023-53342, CVE-2023-53343, CVE-2023-53350, CVE-2023-53352, CVE-2023-53354, CVE-2023-53356, CVE-2023-53357, CVE-2023-53360, CVE-2023-53362, CVE-2023-53364, CVE-2023-53365, CVE-2023-53367, CVE-2023-53368, CVE-2023-53369, CVE-2023-53370, CVE-2023-53371, CVE-2023-53374, CVE-2023-53377, CVE-2023-53379, CVE-2023-53380, CVE-2023-53384, CVE-2023-53385, CVE-2023-53386, CVE-2023-53391, CVE-2023-53394, CVE-2023-53395, CVE-2023-53397, CVE-2023-53401, CVE-2023-53420, CVE-2023-53421, CVE-2023-53424, CVE-2023-53425, CVE-2023-53426, CVE-2023-53428, CVE-2023-53429, CVE-2023-53432, CVE-2023-53436, CVE-2023-53438, CVE-2023-53441, CVE-2023-53442, CVE-2023-53444, CVE-2023-53446, CVE-2023-53447, CVE-2023-53448, CVE-2023-53451, CVE-2023-53454, CVE-2023-53456, CVE-2023-53457, CVE-2023-53461, CVE-2023-53462, CVE-2023-53463, CVE-2023-53465, CVE-2023-53472, CVE-2023-53479, CVE-2023-53480, CVE-2023-53485, CVE-2023-53487, CVE-2023-53488, CVE-2023-53490, CVE-2023-53491, CVE-2023-53492, CVE-2023-53493, CVE-2023-53495, CVE-2023-53496, CVE-2023-53500, CVE-2023-53501, CVE-2023-53504, CVE-2023-53505, CVE-2023-53507, CVE-2023-53508, CVE-2023-53510, CVE-2023-53515, CVE-2023-53516, CVE-2023-53518, CVE-2023-53519, CVE-2023-53520, CVE-2023-53523, CVE-2023-53526, CVE-2023-53527, CVE-2023-53528, CVE-2023-53530, CVE-2023-53531, CVE-2024-26584, CVE-2024-26831, CVE-2024-28956, CVE-2024-43869, CVE-2024-46713, CVE-2024-49568, CVE-2024-50106, CVE-2024-50223, CVE-2024-53135, CVE-2024-54458, CVE-2024-56613, CVE-2024-56699, CVE-2024-57982, CVE-2024-58053, CVE-2024-58090, CVE-2024-58098, CVE-2024-58099, CVE-2024-58100, CVE-2024-58237, CVE-2024-58240, CVE-2025-21629, CVE-2025-21648, CVE-2025-21658, CVE-2025-21702, CVE-2025-21720, CVE-2025-21787, CVE-2025-21814, CVE-2025-21868, CVE-2025-21898, CVE-2025-21899, CVE-2025-21919, CVE-2025-21920, CVE-2025-21938, CVE-2025-21959, CVE-2025-21997, CVE-2025-22005, CVE-2025-22021, CVE-2025-22022, CVE-2025-22030, CVE-2025-22035, CVE-2025-22056, CVE-2025-22057, CVE-2025-22063, CVE-2025-22066, CVE-2025-22070, CVE-2025-22083, CVE-2025-22089, CVE-2025-22095, CVE-2025-22103, CVE-2025-22111, CVE-2025-22113, CVE-2025-22119, CVE-2025-22120, CVE-2025-22124, CVE-2025-22125, CVE-2025-22126, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-37738, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37743, CVE-2025-37747, CVE-2025-37748, CVE-2025-37749, CVE-2025-37750, CVE-2025-37752, CVE-2025-37754, CVE-2025-37755, CVE-2025-37756, CVE-2025-37757, CVE-2025-37758, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37780, CVE-2025-37781, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37797, CVE-2025-37798, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37815, CVE-2025-37819, CVE-2025-37820, CVE-2025-37823, CVE-2025-37824, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37833, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37858, CVE-2025-37859, CVE-2025-37862, CVE-2025-37865, CVE-2025-37867, CVE-2025-37870, CVE-2025-37871, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37879, CVE-2025-37881, CVE-2025-37884, CVE-2025-37886, CVE-2025-37887, CVE-2025-37889, CVE-2025-37890, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37917, CVE-2025-37918, CVE-2025-37921, CVE-2025-37923, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37929, CVE-2025-37930, CVE-2025-37931, CVE-2025-37932, CVE-2025-37933, CVE-2025-37936, CVE-2025-37937, CVE-2025-37938, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37946, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37953, CVE-2025-37954, CVE-2025-37957, CVE-2025-37958, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37974, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37989, CVE-2025-37990, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37997, CVE-2025-37998, CVE-2025-38000, CVE-2025-38001, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38007, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38020, CVE-2025-38022, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38053, CVE-2025-38057, CVE-2025-38059, CVE-2025-38060, CVE-2025-38065, CVE-2025-38068, CVE-2025-38072, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38083, CVE-2025-38104, CVE-2025-38119, CVE-2025-38152, CVE-2025-38234, CVE-2025-38240, CVE-2025-38255, CVE-2025-38263, CVE-2025-38351, CVE-2025-38402, CVE-2025-38408, CVE-2025-38418, CVE-2025-38419, CVE-2025-38456, CVE-2025-38465, CVE-2025-38466, CVE-2025-38488, CVE-2025-38514, CVE-2025-38526, CVE-2025-38527, CVE-2025-38533, CVE-2025-38544, CVE-2025-38556, CVE-2025-38574, CVE-2025-38584, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38597, CVE-2025-38605, CVE-2025-38614, CVE-2025-38616, CVE-2025-38622, CVE-2025-38623, CVE-2025-38637, CVE-2025-38639, CVE-2025-38640, CVE-2025-38643, CVE-2025-38645, CVE-2025-38659, CVE-2025-38660, CVE-2025-38664, CVE-2025-38668, CVE-2025-38676, CVE-2025-38678, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38687, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38697, CVE-2025-38698, CVE-2025-38701, CVE-2025-38702, CVE-2025-38705, CVE-2025-38706, CVE-2025-38709, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38727, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-38736, CVE-2025-39675, CVE-2025-39677, CVE-2025-39678, CVE-2025-39679, CVE-2025-39681, CVE-2025-39682, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39691, CVE-2025-39693, CVE-2025-39694, CVE-2025-39701, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39709, CVE-2025-39710, CVE-2025-39713, CVE-2025-39714, CVE-2025-39718, CVE-2025-39719, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39732, CVE-2025-39735, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39749, CVE-2025-39750, CVE-2025-39754, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39764, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39790, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39806, CVE-2025-39808, CVE-2025-39810, CVE-2025-39823, CVE-2025-39824, CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39832, CVE-2025-39833, CVE-2025-39835, CVE-2025-39838, CVE-2025-39839, CVE-2025-39842, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848, CVE-2025-39849, CVE-2025-39850, CVE-2025-39853, CVE-2025-39854, CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39882, CVE-2025-39885, CVE-2025-39889, CVE-2025-39891, CVE-2025-39907, CVE-2025-39920, CVE-2025-39923, CVE-2025-39925, CVE-2025-40014, CVE-2025-40300, CVE-2025-40325 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libavahi CVE-2024-52615 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libcairo2 CVE-2025-50422 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libgcrypt20 CVE-2024-2236 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libgnutls30 CVE-2025-6395, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libicu-suse65 CVE-2025-5222 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libopenssl CVE-2025-9230, CVE-2025-27587 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libpq5 CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libpython3 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4516, CVE-2025-4517, CVE-2025-6069, CVE-2025-8194 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libruby CVE-2024-35221, CVE-2025-6442, CVE-2025-27221 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libsqlite CVE-2025-3277, CVE-2025-6965 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libssh CVE-2025-4877, CVE-2025-4878, CVE-2025-5318, CVE-2025-5372, CVE-2025-8114, CVE-2025-8277 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libsystemd CVE-2025-4598 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libvmtools CVE-2025-41244 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libxml2 CVE-2025-6021, CVE-2025-6170, CVE-2025-7425, CVE-2025-49794, CVE-2025-49795, CVE-2025-49796 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
net-tools CVE-2025-46836 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
netty CVE-2025-55163, CVE-2025-58056, CVE-2025-58057 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
pam CVE-2025-6018 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
per CVE-2025-40909 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
spring-security CVE-2024-38827, CVE-2025-22234, CVE-2025-41242, CVE-2025-41249, CVE-2025-41234 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
sudo CVE-2025-32462, CVE-2025-32463 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
tomcat CVE-2025-46701, CVE-2025-48988, CVE-2025-48989, CVE-2025-52520, CVE-2025-53506 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
vim CVE-2024-41965, CVE-2025-29768, CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-46696 Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-46696 Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies anbefaler, at alle kunder tager hensyn til både CVSS-basisresultatet og alle relevante tidsmæssige og miljømæssige resultater, som kan have betydning for den potentielle alvorsgrad, der er forbundet med en bestemt sikkerhedsrisiko.

Berørte produkter og udbedring

Product Affected Version Updated Version Link
Dell Secure Connect Gateway - Appliance Versions prior to 5.32.00.20 Version 5.32.00.20 or later https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers
Dell Secure Connect Gateway - Application  Versions 5.26.00 through 5.30.00 Version 5.32.00 or later https://www.dell.com/support/home/product-support/product/secure-connect-gateway-app-edition/drivers

 

Product Affected Version Updated Version Link
Dell Secure Connect Gateway - Appliance Versions prior to 5.32.00.20 Version 5.32.00.20 or later https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers
Dell Secure Connect Gateway - Application  Versions 5.26.00 through 5.30.00 Version 5.32.00 or later https://www.dell.com/support/home/product-support/product/secure-connect-gateway-app-edition/drivers

 

Revisionshistorik

RevisionDateDescription
1.02025-11-04Initial Release
2.02025-11-12Added CVE-2024-39929 to the remediated table and updated the remediated version
3.02025-12-16Updated the Affected Product and Remediation table. New patch 5.30.00.20 has been released for Secure Connect Gateway that addresses vulnerabilities of the Python library
4.02025-12-18Added CVE-2025-46696 to the remediated table

 

Bekræftelser

CVE-2025-46696: Dell would like to thank Ahmed Y. Elmogy for reporting this issue. 

Relaterede oplysninger

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Ansvarsfraskrivelse

Berørte produkter

Secure Connect Gateway, Secure Connect Gateway - Application Edition, Secure Connect Gateway - Virtual Edition
Artikelegenskaber
Artikelnummer: 000385230
Artikeltype: Dell Security Advisory
Senest ændret: 18 dec. 2025
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.