DSA-2025-166: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities

Yhteenveto: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Tämä artikkeli koskee tuotetta Tämä artikkeli ei koske tuotetta Tämä artikkeli ei liity tiettyyn tuotteeseen. Tässä artikkelissa ei yksilöidä kaikkia tuoteversioita.
Tutustu muihin resursseihin

Vaikutus

Critical

Tiedot

Third-Party Component CVEs More information
Dell PowerEdge Server BIOS CVE-2024-28047, CVE-2024-36293, CVE-2024-39279, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2024-28956, CVE-2024-31068, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-20064, CVE-2025-20105, CVE-2025-20028, CVE-2025-20027, CVE-2025-20073 DSA-2025-041, DSA-2025-042, DSA-2025-156, DSA-2025-297, DSA-2024-381, DSA-2025-038
Dell Remote Access Controller (iDRAC) CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-26466, CVE-2024-48012, CVE-2025-22397 DSA-2025-146, DSA-2025-156, DSA-2025-376

 

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa, ja tilanteen korjaaminen

CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale F200 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale F600 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale F900 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale B100 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale P100 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466,  CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F210 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F710 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F910 PowerScale Node Firmware Package  Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area

 

 

CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale F200 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale F600 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale F900 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale B100 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 PowerScale P100 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466,  CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F210 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F710 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F910 PowerScale Node Firmware Package  Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area

 

 

Notes:

  1. We encourage all customers to upgrade to the remediated versions. If an upgrade is not feasible, customers should review the CVE details to determine potential risk to their environments.
  2. To identify which nodes require upgrading, please refer to the firmware assessment report. For instructions on completing the assessment and report, please refer to the "Run a firmware assessment" section in PowerScale Node Firmware Package 13.1.3 Release Notes documented in Firmware - PowerScale Info Hub.
  3. Due to the NFP installation issue with parallel upgrade, customers are advised not to perform parallel upgrades on version prior to 9.9.0.0.

Kiertotavat ja lievennyskeinot

None

Versiohistoria

RevisionDateDescription
1.02025-10-14Initial Release
2.02026-02-25Major update to include CVE-2025-22397
3.02026-04-28Major update to include CVE-2025-20064, CVE-2025-20105, CVE-2025-20028, CVE-2025-20027 and CVE-2025-20073

 

Asiaan liittyvät tiedot

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Vastuuvapauslauseke

Tuotteet, joihin vaikutus kohdistuu

PowerScale OneFS, PowerScale B100, PowerScale F200, PowerScale F210, PowerScale F600, PowerScale F710, PowerScale F900, PowerScale F910, PowerScale P100
Artikkelin ominaisuudet
Artikkelin numero: 000363693
Artikkelin tyyppi: Dell Security Advisory
Viimeksi muutettu: 28 huhtik. 2026
Etsi vastauksia kysymyksiisi muilta Dell-käyttäjiltä
Tukipalvelut
Tarkista, kuuluuko laitteesi tukipalveluiden piiriin.