DSA-2026-086: Security Update for Dell Avamar Data Store Gen5A Multiple Third-Party Component Vulnerabilities
概要: Dell Avamar Data Store Gen5A remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
この記事は次に適用されます:
この記事は次には適用されません:
この記事は、特定の製品に関連付けられていません。
すべての製品パージョンがこの記事に記載されているわけではありません。
影響
High
詳細
| Third-party Component | CVEs | More Information |
| Dell Server PowerEdge BIOS R740xd | CVE-2024-28047 | DSA-2025-041 |
| Intel X710 NIC | CVE-2025-24486, CVE-2025-25273, CVE-2025-21086, CVE-2025-26863, CVE-2025-26697, CVE-2025-24511, CVE-2025-31146 | DSA-2025-324, DSA-2025-430 |
| Integrated Dell Remote Access Controller (iDRAC) | CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 | DSA-2025-297 |
影響を受ける製品と修復
| CVEs | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2024-28047 | Dell Avamar Data Store Gen5A | Dell Server PowerEdge BIOS R740xd | Versions prior to 2.25.0 | Version 2.25.0 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVE-2025-24486, CVE-2025-25273, CVE-2025-21086, CVE-2025-26863, CVE-2025-26697, CVE-2025-24511, CVE-2025-31146 | Dell Avamar Data Store Gen5A | Intel X710 NIC | Version prior to 24.0.0 | Version 24.0.0 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 | Dell Avamar Data Store Gen5A | Integrated Dell Remote Access Controller (iDRAC) | Version prior to 7.00.00.183 | Version 7.00.00.183 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVEs | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2024-28047 | Dell Avamar Data Store Gen5A | Dell Server PowerEdge BIOS R740xd | Versions prior to 2.25.0 | Version 2.25.0 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVE-2025-24486, CVE-2025-25273, CVE-2025-21086, CVE-2025-26863, CVE-2025-26697, CVE-2025-24511, CVE-2025-31146 | Dell Avamar Data Store Gen5A | Intel X710 NIC | Version prior to 24.0.0 | Version 24.0.0 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 | Dell Avamar Data Store Gen5A | Integrated Dell Remote Access Controller (iDRAC) | Version prior to 7.00.00.183 | Version 7.00.00.183 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
Notes:
- The README file, included in the hotfix .zip download package, provides a comprehensive list of vulnerabilities remediated in this cumulative update, including both recent and previously identified vulnerabilities.
- To schedule a platform security patch installation or server upgrade, please contact Dell Customer Support. Dell recommends upgrading the latest release/version of your product.
- For a detailed example of how to apply an AVP-based hotfix, refer to KB 000069982: How to install an Avamar .avp hotfix using Avamar Installer (AVI).
Known Issue:
- Upgrading directly to the January 2026 firmware, which includes BIOS 2.25.0, may fail on systems running BIOS versions prior to 2.12.2, due to compatibility constraints.
Required Action:
- To verify the BIOS version, run the following command in the Avamar console as an admin/root user:
omreport system version
If the BIOS version is earlier than 2.12.2 contact Dell Customer Support to apply the September 2021 firmware block (AVP: Gen5aSep2021Blk338753.avp) before installing the January 2026 firmware.
回避策と緩和策
None
変更履歴
| Revision | Date | Description |
| 1.0 | 2026-03-10 | Initial Release |
| 2.0 | 2026-04-29 | CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 added to DSA |
関連情報
法的免責事項
対象製品
Avamar, Avamar Data Store, Avamar Data Store Gen5A, Avamar Server文書のプロパティ
文書番号: 000437829
文書の種類: Dell Security Advisory
最終更新: 29 4月 2026
質問に対する他のDellユーザーからの回答を見つける
サポート サービス
お使いのデバイスがサポート サービスの対象かどうかを確認してください。