DSA-2026-193: Security Update for Dell Automation Platform Multiple Vulnerabilities
요약: Dell Automation Platform remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
이 문서는 다음에 적용됩니다.
이 문서는 다음에 적용되지 않습니다.
이 문서는 특정 제품과 관련이 없습니다.
모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.
영향
Critical
세부 정보
| Third-party Component | CVEs | More Information |
| aiohttp | CVE-2025-69229, CVE-2025-69228, CVE-2025-69227, CVE-2025-69223 | https://nvd.nist.gov/vuln/search |
| BusyBox wget | CVE-2025-60876 | https://nvd.nist.gov/vuln/search |
| cbor2 | CVE-2025-68131 | https://nvd.nist.gov/vuln/search |
| GNU C Library | CVE-2025-4802 | https://nvd.nist.gov/vuln/search |
| GNU Tar | CVE-2025-45582 | https://nvd.nist.gov/vuln/search |
| GnuPG | CVE-2025-68973, CVE-2025-68972 | https://nvd.nist.gov/vuln/search |
| GnuTLS | CVE-2025-32990 | https://nvd.nist.gov/vuln/search |
| Go | CVE-2025-61729 | https://nvd.nist.gov/vuln/search |
| Kerberos 5 KDC | CVE-2024-26462 | https://nvd.nist.gov/vuln/search |
| kin-openapi | CVE-2025-30153 | https://nvd.nist.gov/vuln/search |
| Linux kernel | CVE-2022-0168 | https://nvd.nist.gov/vuln/search |
| OpenSSL | CVE-2025-11187, CVE-2025-15467, CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796, CVE-2025-9230 | https://nvd.nist.gov/vuln/search |
| pip | CVE-2018-20225 | https://nvd.nist.gov/vuln/search |
| urllib3 | CVE-2026-21441 | https://nvd.nist.gov/vuln/search |
| Werkzeug | CVE-2026-21860 | https://nvd.nist.gov/vuln/search |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2026-32658 | Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. | 8.0 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2026-32658 | Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. | 8.0 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
영향을 받는 제품 및 문제 해결
| Product | Affected Versions | Remediated Versions | Link |
| Dell Automation Platform | Versions prior to 2.0.0.0 | Version 2.0.0.0 or later | Contact Customer Support and Quote DSA-2026-193 |
| Product | Affected Versions | Remediated Versions | Link |
| Dell Automation Platform | Versions prior to 2.0.0.0 | Version 2.0.0.0 or later | Contact Customer Support and Quote DSA-2026-193 |
Notes
- Dell recommends always upgrading to the latest product release. Refer to the Security Update Policy for more information.
- To schedule platform security patch installation, or to upgrade your server, contact Dell Customer Support.
- To address vulnerabilities in Dell NativeEdge Orchestrator 3.1.0.2 and prior, contact Dell Customer Support.
해결 방법 및 완화 방안
None
개정 내역
| Revision | Date | Description |
| 1.0 | 2026-04-27 | Initial Release |
| 2.0 | 2026-05-07 | Major update: Removed Dell NativeEdge Orchestrator related vulnerabilities |
| 3.0 | 2026-05-12 | Minor update: Included acknowledgments for CVE-2026-32658 |
감사의 말
Dell would like to thank Radjnies Bhansingh, Kin Hung Cheng and Swathi Govindarajan from Securify for reporting CVE-2026-32658.
관련 정보
법적 고지 사항
해당 제품
Dell Automation Platform, Dell Automation Platform Components문서 속성
문서 번호: 000458049
문서 유형: Dell Security Advisory
마지막 수정 시간: 11 5월 2026
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.