DSA-2025-339: Security Update for Dell Avamar Data Store Gen5A Multiple Third-Party Component Vulnerabilities
Summary: Dell Avamar Data Store Gen5A remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Critical
Details
| Third-party Component | CVEs | More Information |
| Dell PowerEdge Server BIOS | CVE-2024-38796, CVE-2024-28956, CVE-2024-45332, CVE-2024-48012 | DSA-2025-038, DSA-2025-041, DSA-2025-156, DSA-2025-046 |
| Integrated Dell Remote Access Controller (iDRAC) | CVE-2025-26466, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2023-6780, CVE-2024-52533, CVE-2023-52340, CVE-2024-42154 | DSA-2025-145. DSA-2025-146, DSA-2024-460 |
Affected Products & Remediation
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| Avamar Data Store Gen5A | Dell PowerEdge Server BIOS | Versions prior to 2.24.0 | Version 2.24.0 | Avamar Data Store Gen5A Update for Server Nodes (Hotfix 338901) |
| Avamar Data Store Gen5A | Integrated Dell Remote Access Controller (iDRAC) | Versions prior to 7.00.00.181 | Version 7.00.00.181 | Avamar Data Store Gen5A Update for Server Nodes (Hotfix 338901) |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| Avamar Data Store Gen5A | Dell PowerEdge Server BIOS | Versions prior to 2.24.0 | Version 2.24.0 | Avamar Data Store Gen5A Update for Server Nodes (Hotfix 338901) |
| Avamar Data Store Gen5A | Integrated Dell Remote Access Controller (iDRAC) | Versions prior to 7.00.00.181 | Version 7.00.00.181 | Avamar Data Store Gen5A Update for Server Nodes (Hotfix 338901) |
Notes:
- This security includes both newly remedied and past vulnerabilities included in this cumulative update.
- Dell recommends upgrading to the latest release/version of your product. To schedule a platform security patch installation or firmware upgrade, please contact Dell Customer Support.
Known Issue:
- Upgrading directly to the August 2025 firmware, which includes BIOS 2.24.0, may fail on systems running BIOS versions prior to 2.12.2, due to compatibility constraints.
Required Action:
- To verify the BIOS version, run the following command in the Avamar console as an admin/root user:
omreport system version
- If the BIOS version is earlier than 2.12.2 contact Dell Customer Support to apply the September 2021 firmware block (AVP: Gen5aSep2021Blk338753.avp) before installing the August 2025 firmware.
Workarounds & Mitigations
None
Revision History
| Revision | Date | Description |
| 1.0 | 2025-09-01 | Initial Release |
| 2.0 | 2025-10-06 | Replaced the NVD generic search link with the PowerEdge and iDrac advisories |
| 3.0 | 2025-10-22 | Major update to include CVE-2024-48012 |
| 4.0 | 2025-12-30 | Updated 'Additional Information' section |
Related Information
Legal Disclaimer
Affected Products
Avamar, Avamar Data Store, Avamar Data Store Gen5A, Avamar ServerArticle Properties
Article Number: 000362542
Article Type: Dell Security Advisory
Last Modified: 30 Dec 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.