DSA-2025-104: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities
Summary: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Critical
Details
|
Third-Party Component |
CVEs | More information |
| Commons-net | CVE-2021-37533 | https://nvd.nist.gov/vuln/search |
| Glibc | CVE-2025-0395 | https://nvd.nist.gov/vuln/search |
| Grub2 | CVE-2025-0622, CVE-2025-0624, CVE-2025-0677, CVE-2025-0678, CVE-2025-0684, CVE-2025-0685, CVE-2025-0686, CVE-2025-0689, CVE-2025-0690, CVE-2025-1118, CVE-2025-1125 | https://nvd.nist.gov/vuln/search |
| HttpClient | CVE-2020-13956 | https://nvd.nist.gov/vuln/search |
| Kernel |
CVE-2021-47163, CVE-2021-47416, CVE-2021-47612, CVE-2022-48788, CVE-2022-48789, CVE-2022-48790, CVE-2022-48809, CVE-2022-48946, CVE-2022-48949, CVE-2022-48951, CVE-2022-48956, CVE-2022-48958, CVE-2022-48960, CVE-2022-48962, CVE-2022-48966, CVE-2022-48967, CVE-2022-48969, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2024-11187, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12133, CVE-2024-12747, CVE-2024-26644, CVE-2024-26801, CVE-2024-26804, CVE-2024-26852, CVE-2024-26976, CVE-2024-27043, CVE-2024-35847, CVE-2024-36484, CVE-2024-36883, CVE-2024-38538, CVE-2024-38589, CVE-2024-39476, CVE-2024-40965, CVE-2024-41013, CVE-2024-41082, CVE-2024-42114, CVE-2024-42131, CVE-2024-42253, CVE-2024-43374, CVE-2024-44931, CVE-2024-44958, CVE-2024-45774, CVE-2024-45775, CVE-2024-45776, CVE-2024-45777, CVE-2024-45778, CVE-2024-45779, CVE-2024-45780, CVE-2024-45781, CVE-2024-45782, CVE-2024-45783, CVE-2024-46724, CVE-2024-46755, CVE-2024-46802, CVE-2024-46809, CVE-2024-46813, CVE-2024-46816, CVE-2024-46818, CVE-2024-46826, CVE-2024-46834, CVE-2024-46840, CVE-2024-46841, CVE-2024-46848, CVE-2024-47141, CVE-2024-47220, CVE-2024-47666, CVE-2024-47670, CVE-2024-47672, CVE-2024-47673, CVE-2024-47674, CVE-2024-47678, CVE-2024-47679, CVE-2024-47684, CVE-2024-47685, CVE-2024-47696, CVE-2024-47697, CVE-2024-47698, CVE-2024-47706, CVE-2024-47707, CVE-2024-47709, CVE-2024-47713, CVE-2024-47735, CVE-2024-47737, CVE-2024-47742, CVE-2024-47745, CVE-2024-47749, CVE-2024-47809, CVE-2024-47814, CVE-2024-48881, CVE-2024-49851, CVE-2024-49860, CVE-2024-49877, CVE-2024-49881, CVE-2024-49882, CVE-2024-49883, CVE-2024-49884, CVE-2024-49890, CVE-2024-49891, CVE-2024-49894, CVE-2024-49896, CVE-2024-49901, CVE-2024-49920, CVE-2024-49929, CVE-2024-49936, CVE-2024-49944, CVE-2024-49948, CVE-2024-49949, CVE-2024-49957, CVE-2024-49958, CVE-2024-49959, CVE-2024-49962, CVE-2024-49965, CVE-2024-49966, CVE-2024-49967, CVE-2024-49982, CVE-2024-49991, CVE-2024-49995, CVE-2024-49996, CVE-2024-50006, CVE-2024-50007, CVE-2024-50024, CVE-2024-50033, CVE-2024-50035, CVE-2024-50039, CVE-2024-50045, CVE-2024-50047, CVE-2024-50058, CVE-2024-50099, CVE-2024-50142, CVE-2024-50143, CVE-2024-50151, CVE-2024-50166, CVE-2024-50179, CVE-2024-50194, CVE-2024-50199, CVE-2024-50210, CVE-2024-50211, CVE-2024-50228, CVE-2024-50256, CVE-2024-50262, CVE-2024-50280, CVE-2024-50287, CVE-2024-50299, CVE-2024-52332, CVE-2024-52533, CVE-2024-53057, CVE-2024-53101, CVE-2024-53112, CVE-2024-53136, CVE-2024-53141, CVE-2024-53142, CVE-2024-53144, CVE-2024-53146, CVE-2024-53150, CVE-2024-53155, CVE-2024-53156, CVE-2024-53157, CVE-2024-53172, CVE-2024-53173, CVE-2024-53179, CVE-2024-53185, CVE-2024-53197, CVE-2024-53198, CVE-2024-53210, CVE-2024-53214, CVE-2024-53224, CVE-2024-53227, CVE-2024-53239, CVE-2024-53240, CVE-2024-55916, CVE-2024-56369, CVE-2024-56531, CVE-2024-56532, CVE-2024-56533, CVE-2024-56539, CVE-2024-56548, CVE-2024-56551, CVE-2024-56569, CVE-2024-56570, CVE-2024-56574, CVE-2024-56587, CVE-2024-56593, CVE-2024-56594, CVE-2024-56599, CVE-2024-5660, CVE-2024-56600, CVE-2024-56601, CVE-2024-56603, CVE-2024-56604, CVE-2024-56605, CVE-2024-56606, CVE-2024-56615, CVE-2024-56616,, CVE-2024-56623, CVE-2024-56630, CVE-2024-56631, CVE-2024-56637, CVE-2024-56641, CVE-2024-56642, CVE-2024-56643, CVE-2024-56650, CVE-2024-56661, CVE-2024-56662, CVE-2024-56664, CVE-2024-56681, CVE-2024-56700, CVE-2024-56704, CVE-2024-56722, CVE-2024-56724, CVE-2024-56737, CVE-2024-56739, CVE-2024-56747, CVE-2024-56748, CVE-2024-56756, CVE-2024-56759, CVE-2024-56763, CVE-2024-56769, CVE-2024-57791, CVE-2024-57849, CVE-2024-57884, CVE-2024-57887, CVE-2024-57888, CVE-2024-57890, CVE-2024-57892, CVE-2024-57893, CVE-2024-57896, CVE-2024-57899, CVE-2024-57903, CVE-2024-57922, CVE-2024-57929, CVE-2024-57931, CVE-2024-57932, CVE-2024-57938, CVE-2024-8805, CVE-2024-9681 CVE-2024-26886, CVE-2024-27051, CVE-2024-35937, CVE-2024-36886, CVE-2024-36905, CVE-2024-42098, CVE-2024-42229, CVE-2024-44995, CVE-2024-45016, CVE-2024-46771, CVE-2024-46777, CVE-2024-46800, CVE-2024-47660, CVE-2024-47701, CVE-2024-49858, CVE-2024-49868, CVE-2024-49921, CVE-2024-49925, CVE-2024-49938, CVE-2024-49945, CVE-2024-49950, CVE-2024-49952, CVE-2024-50044, CVE-2024-50055, CVE-2024-50073, CVE-2024-50074, CVE-2024-50095, CVE-2024-50115, CVE-2024-50117, CVE-2024-50125, CVE-2024-50135, CVE-2024-50148, CVE-2024-50150, CVE-2024-50154, CVE-2024-50167, CVE-2024-50171, CVE-2024-50183, CVE-2024-50187, CVE-2024-50195, CVE-2024-50218, CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50264, CVE-2024-50265, CVE-2024-50267, CVE-2024-50273, CVE-2024-50278, CVE-2024-50279, CVE-2024-50289, CVE-2024-50290, CVE-2024-50296, CVE-2024-50301, CVE-2024-50302, CVE-2024-53058, CVE-2024-53061, CVE-2024-53063, CVE-2024-53066, CVE-2024-53085, CVE-2024-53088, CVE-2024-53104, CVE-2024-53114 CVE-2025-21653, CVE-2025-21664, CVE-2025-21678, CVE-2025-21682 |
https://nvd.nist.gov/vuln/search |
|
Libcurl |
CVE-2023-38545, CVE-2025-0167, CVE-2025-0725 |
https://nvd.nist.gov/vuln/search |
| Logback-classic |
CVE-2024-12798 |
https://nvd.nist.gov/vuln/search |
| Logback-core |
CVE-2024-12798 |
https://nvd.nist.gov/vuln/search |
| Netty |
CVE-2024-29025, CVE-2024-47535, CVE-2025-24970 |
https://nvd.nist.gov/vuln/search |
| OpenSSH |
CVE-2025-26465 |
https://nvd.nist.gov/vuln/search |
| OpenSSL |
CVE-2021-3712, CVE-2022-0778, CVE-2022-1292, CVE-2022-2068, CVE-2022-4304, CVE-2023-0286, CVE-2023-0215, CVE-2024-5535 |
https://nvd.nist.gov/vuln/search |
| spring-context |
CVE-2024-38820 |
https://nvd.nist.gov/vuln/search |
| spring-core |
CVE-2024-38820 |
https://nvd.nist.gov/vuln/search |
| spring-security-web |
CVE-2024-38821 |
https://nvd.nist.gov/vuln/search |
| spring-web |
CVE-2024-22262 |
https://nvd.nist.gov/vuln/search |
| Spring-webmvc |
CVE-2024-38819, CVE-2024-38820 |
https://nvd.nist.gov/vuln/search |
| Tomcat-embed-core |
CVE-2024-50379, CVE-2024-56337 |
https://nvd.nist.gov/vuln/search |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-23382 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. |
4.7 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
| CVE-2025-26475 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack exposure, preventing accidental misconfigurations, and ensuring security controls remain active. | 5.5 | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-23382 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. |
4.7 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
| CVE-2025-26475 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack exposure, preventing accidental misconfigurations, and ensuring security controls remain active. | 5.5 | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L |
Affected Products & Remediation
| Product | Affected Versions | Updated Version | Link to Update |
| Dell Secure Connect Gateway - Appliance | Versions prior to 5.28.00.14 | Version 5.28.00.14 or later | https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers |
| Product | Affected Versions | Updated Version | Link to Update |
| Dell Secure Connect Gateway - Appliance | Versions prior to 5.28.00.14 | Version 5.28.00.14 or later | https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers |
Revision History
| Revision | Date | Description |
| 1.0 | 2025-03-04 | Initial Release |
| 2.0 | 2025-03-04 | Corrected the CVE score URL |
| 3.0 | 2025-03-19 | Updated the CVE description for CVE-2025-26475 |
| 4.0 | 2025-03-19 | Updated for enhanced presentation with no changes to the content |
| 5.0 | 2025-04-24 | Removed CVE-2024-13176 from the DSA |
| 6.0 | 2025-07-08 | Updated the category section |
| 7.0 | 2025-07-23 | Updated the category section |
Related Information
Legal Disclaimer
Affected Products
Secure Connect Gateway, Secure Connect Gateway - Application Edition, Secure Connect Gateway - Virtual EditionArticle Properties
Article Number: 000291028
Article Type: Dell Security Advisory
Last Modified: 23 Jul 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.