DSA-2024-001: Dell PowerEdge Server Security Update for Intel Ethernet Controllers & Adapters and SPS Firmware Vulnerabilities

Summary: Dell PowerEdge Server remediation is available for Intel Ethernet Controllers & Adapters and SPS Firmware vulnerabilities that could be exploited by malicious users to compromise the affected system. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

High

Details

Third-party Component CVEs More Information
Intel® Ethernet Adapter Tools and Driver CVE-2023-39432, CVE-2023-33870 INTEL-SA-00993This hyperlink is taking you to a website outside of Dell Technologies.
Intel 4th Generation Xeon® Scalable Processors CVE-2023-29153 INTEL-SA-01003This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2023-29153 PowerEdge R660 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r660/drivers
CVE-2023-29153 PowerEdge R760 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r760/drivers
CVE-2023-29153 PowerEdge C6620 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-c6620/drivers
CVE-2023-29153 PowerEdge MX760c BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-mx760c/drivers
CVE-2023-29153 PowerEdge R860 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r860/drivers
CVE-2023-29153 PowerEdge R960 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r960/drivers
CVE-2023-29153 PowerEdge HS5610 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-hs5610/drivers
CVE-2023-29153 PowerEdge HS5620 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-hs5620/drivers
CVE-2023-29153 PowerEdge R660xs BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r660xs/drivers
CVE-2023-29153 PowerEdge R760xs BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r760xs/drivers
CVE-2023-29153 PowerEdge R760xd2 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r760xd2/drivers
CVE-2023-29153 PowerEdge T560 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-t560/drivers
CVE-2023-29153 PowerEdge R760xa BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r760xa/drivers
CVE-2023-29153 PowerEdge XE9680 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xe9680/drivers
CVE-2023-29153 PowerEdge XR5610 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xr5610/drivers
CVE-2023-29153 PowerEdge XR8610t BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xr8610t/drivers
CVE-2023-29153 PowerEdge XR8620t BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xr8620t/drivers
CVE-2023-29153 PowerEdge XR7620 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xr7620/drivers
CVE-2023-29153 PowerEdge XE8640 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xe8640/drivers
CVE-2023-29153 PowerEdge XE9640 BIOS Versions prior to 1.3.6 Version 1.3.6 or later https://www.dell.com/support/home/product-support/product/poweredge-xe9640/drivers
CVE-2023-29153 Dell XC Core XC660 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/dell-xc660-core/drivers
CVE-2023-29153 Dell XC Core XC760 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/dell-xc760-core/drivers
CVE-2023-39432, CVE-2023-33870 Intel E810 Adapters and Intel E823 LOM Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/drivers/driversdetails?driverid=hdwkr&oscode=ws22l&productcode=Intel E810 Adapters and Intel E823 LOM
CVE-2023-39432, CVE-2023-33870 Intel I350, I354, and X550 Adapters Firmware Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/drivers/driversdetails?driverid=tnxw1&oscode=ws22l&productcode=Intel I350, I354, and X550 Adapters Firmware
CVE-2023-39432, CVE-2023-33870 Intel X710, XXV710, and XL710 Adapters Firmware Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/drivers/driversdetails?driverid=1r0w0&oscode=ws22l&productcode=Intel X710, XXV710, and XL710 Adapters Firmware
CVE-2023-39432, CVE-2023-33870 NX440 Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/en-us/product-support/product/storage-nx440/drivers
CVE-2023-39432, CVE-2023-33870 NX3340 Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/en-us/product-support/product/storage-nx3340/drivers
CVE-2023-39432, CVE-2023-33870 NX3240 Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/en-us/product-support/product/storage-nx3240/drivers
CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2023-29153 PowerEdge R660 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r660/drivers
CVE-2023-29153 PowerEdge R760 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r760/drivers
CVE-2023-29153 PowerEdge C6620 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-c6620/drivers
CVE-2023-29153 PowerEdge MX760c BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-mx760c/drivers
CVE-2023-29153 PowerEdge R860 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r860/drivers
CVE-2023-29153 PowerEdge R960 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r960/drivers
CVE-2023-29153 PowerEdge HS5610 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-hs5610/drivers
CVE-2023-29153 PowerEdge HS5620 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-hs5620/drivers
CVE-2023-29153 PowerEdge R660xs BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r660xs/drivers
CVE-2023-29153 PowerEdge R760xs BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r760xs/drivers
CVE-2023-29153 PowerEdge R760xd2 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r760xd2/drivers
CVE-2023-29153 PowerEdge T560 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-t560/drivers
CVE-2023-29153 PowerEdge R760xa BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/poweredge-r760xa/drivers
CVE-2023-29153 PowerEdge XE9680 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xe9680/drivers
CVE-2023-29153 PowerEdge XR5610 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xr5610/drivers
CVE-2023-29153 PowerEdge XR8610t BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xr8610t/drivers
CVE-2023-29153 PowerEdge XR8620t BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xr8620t/drivers
CVE-2023-29153 PowerEdge XR7620 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xr7620/drivers
CVE-2023-29153 PowerEdge XE8640 BIOS Versions prior to 1.8.0 Version 1.8.0 or later https://www.dell.com/support/home/product-support/product/poweredge-xe8640/drivers
CVE-2023-29153 PowerEdge XE9640 BIOS Versions prior to 1.3.6 Version 1.3.6 or later https://www.dell.com/support/home/product-support/product/poweredge-xe9640/drivers
CVE-2023-29153 Dell XC Core XC660 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/dell-xc660-core/drivers
CVE-2023-29153 Dell XC Core XC760 BIOS Versions prior to 2.0.0 Version 2.0.0 or later https://www.dell.com/support/home/product-support/product/dell-xc760-core/drivers
CVE-2023-39432, CVE-2023-33870 Intel E810 Adapters and Intel E823 LOM Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/drivers/driversdetails?driverid=hdwkr&oscode=ws22l&productcode=Intel E810 Adapters and Intel E823 LOM
CVE-2023-39432, CVE-2023-33870 Intel I350, I354, and X550 Adapters Firmware Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/drivers/driversdetails?driverid=tnxw1&oscode=ws22l&productcode=Intel I350, I354, and X550 Adapters Firmware
CVE-2023-39432, CVE-2023-33870 Intel X710, XXV710, and XL710 Adapters Firmware Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/drivers/driversdetails?driverid=1r0w0&oscode=ws22l&productcode=Intel X710, XXV710, and XL710 Adapters Firmware
CVE-2023-39432, CVE-2023-33870 NX440 Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/en-us/product-support/product/storage-nx440/drivers
CVE-2023-39432, CVE-2023-33870 NX3340 Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/en-us/product-support/product/storage-nx3340/drivers
CVE-2023-39432, CVE-2023-33870 NX3240 Firmware Versions prior to 22.5.0 Version 22.5.0 or later https://www.dell.com/support/home/en-us/product-support/product/storage-nx3240/drivers
  • The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
  • Due to updates to address a functional issue, the previous BIOS version 1.7.6 for 16G E5 platforms was replaced by 1.8.0. Dell recommends all customers update to BIOS version 1.8.0.

Workarounds & Mitigations

None

Revision History

RevisionDateDescription
1.02023-02-13Initial release
2.02024-02-13
  • Added 16G XC Platforms: Dell XC Core XC660, Dell XC Core XC760
  • Updated the Year from 2023 to 2024 for Initial Release
3.02024-02-14Added Dell XC Core XC660 and Dell XC Core XC760 to the Affected Product List
4.02024-02-22Added PowerVault to Affected Product List
5.02024-04-30
  • Updated release versions for 16G platforms due to BIOS re-spin.
  • Updated the wordings "Due to updates to address a functional issue, the previous BIOS version 1.7.6 for 16G E5 platforms was replaced by 1.8.0. Dell recommends all customers update to BIOS version 1.8.0." under the Additional Information section.
6.02024-06-04Product Tagging edits
7.02024-06-04Product Tagging edits
8.02024-06-04Product Tagging edits
9.02024-06-13Updated for enhanced presentation with no changes to content

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

Dell XC Core XC4520C, Dell XC Core XC660, Dell XC Core XC760, Dell XC Core XC7625, OEMR R440, OEMR R450, OEMR R540, OEMR R550, OEMR R640, OEMR R650, OEMR R650xs, OEMR R6515, OEMR R6525, OEMR R660, OEMR R660xs, OEMR R6615, OEMR R6625, OEMR R740 , OEMR R740xd, OEMR R740xd2, OEMR R750, OEMR R750xa, OEMR R750xs, OEMR R7515, OEMR R7525, OEMR R760, OEMR R760xa, OEMR R760XD2, OEMR R760xs, OEMR R7615, OEMR R7625, PowerEdge C6620, PowerEdge HS5610, PowerEdge HS5620, PowerEdge MX760c, PowerEdge R660, PowerEdge R660xs, PowerEdge R760, PowerEdge R760XA, PowerEdge R760xd2, PowerEdge R760xs, PowerEdge R860, PowerEdge R960, PowerEdge T560, PowerEdge XE8640, PowerEdge XE9640, PowerEdge XE9680, PowerEdge XR5610, PowerEdge XR7620, PowerEdge XR8610t, PowerEdge XR8620t, Dell EMC Storage NX3240, Dell EMC Storage NX3340, Dell EMC NX440, Dell EMC vSAN MX740c Ready Node, Dell EMC vSAN MX750c Ready Node, Dell vSAN Ready Node MX760c, Dell EMC vSAN R440 Ready Node, Dell EMC vSAN R640 Ready Node, Dell EMC vSAN R650 Ready Node, Dell EMC vSAN R6515 Ready Node, vSAN Ready Node R660, Dell EMC vSAN R740 Ready Node, Dell EMC vSAN R740xd Ready Node, Dell EMC vSAN R750 Ready Node, Dell EMC vSAN R7515 Ready Node, Dell EMC vSAN R760 Ready Node, Dell vSAN R7615 Ready Node, Dell vSAN Ready Node R7625, Dell EMC vSAN R840 Ready Node ...
Article Properties
Article Number: 000221972
Article Type: Dell Security Advisory
Last Modified: 08 Nov 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.