DSA-2025-390: Dell Secure Connect Gateway Security Update for Multiple Third-Party Component Vulnerabilities

Sammendrag: Dell Secure Connect Gateway contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Denne artikkelen gjelder for Denne artikkelen gjelder ikke for Denne artikkelen er ikke knyttet til noe bestemt produkt. Det er ikke produktversjonene som identifiseres i denne artikkelen.
Ta en titt på andre ressurser

Påvirkning

Critical

Detaljer

Third-Party Component CVE More Information
Apache2 CVE-2024-42516, CVE-2024-43204, CVE-2024-47252, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-47947, CVE-2025-48866, CVE-2025-54571 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Boost CVE-2016-9840 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
commons CVE-2025-48976, CVE-2025-48924 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
coreutils-8.32-150400.9.9.1 CVE-2025-5278 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libcurl CVE-2024-6874, CVE-2025-0665, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2025-10148 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
docker CVE-2025-0495, CVE-2025-22872, CVE-2025-54388 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
esapi CVE-2025-5878 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
exim CVE-2024-39929 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
glib2 CVE-2025-4373, CVE-2025-6052 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
glibc CVE-2025-8058 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
gpg2 CVE-2025-30258 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
grub2 CVE-2024-56738 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
iputils CVE-2025-48964 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libjq1 CVE-2024-23337, CVE-2025-48060 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
kernel CVE-2023-52888, CVE-2023-53146, CVE-2023-53324, CVE-2023-53325, CVE-2023-53328, CVE-2023-53331, CVE-2023-53333, CVE-2023-53336, CVE-2023-53338, CVE-2023-53339, CVE-2023-53342, CVE-2023-53343, CVE-2023-53350, CVE-2023-53352, CVE-2023-53354, CVE-2023-53356, CVE-2023-53357, CVE-2023-53360, CVE-2023-53362, CVE-2023-53364, CVE-2023-53365, CVE-2023-53367, CVE-2023-53368, CVE-2023-53369, CVE-2023-53370, CVE-2023-53371, CVE-2023-53374, CVE-2023-53377, CVE-2023-53379, CVE-2023-53380, CVE-2023-53384, CVE-2023-53385, CVE-2023-53386, CVE-2023-53391, CVE-2023-53394, CVE-2023-53395, CVE-2023-53397, CVE-2023-53401, CVE-2023-53420, CVE-2023-53421, CVE-2023-53424, CVE-2023-53425, CVE-2023-53426, CVE-2023-53428, CVE-2023-53429, CVE-2023-53432, CVE-2023-53436, CVE-2023-53438, CVE-2023-53441, CVE-2023-53442, CVE-2023-53444, CVE-2023-53446, CVE-2023-53447, CVE-2023-53448, CVE-2023-53451, CVE-2023-53454, CVE-2023-53456, CVE-2023-53457, CVE-2023-53461, CVE-2023-53462, CVE-2023-53463, CVE-2023-53465, CVE-2023-53472, CVE-2023-53479, CVE-2023-53480, CVE-2023-53485, CVE-2023-53487, CVE-2023-53488, CVE-2023-53490, CVE-2023-53491, CVE-2023-53492, CVE-2023-53493, CVE-2023-53495, CVE-2023-53496, CVE-2023-53500, CVE-2023-53501, CVE-2023-53504, CVE-2023-53505, CVE-2023-53507, CVE-2023-53508, CVE-2023-53510, CVE-2023-53515, CVE-2023-53516, CVE-2023-53518, CVE-2023-53519, CVE-2023-53520, CVE-2023-53523, CVE-2023-53526, CVE-2023-53527, CVE-2023-53528, CVE-2023-53530, CVE-2023-53531, CVE-2024-26584, CVE-2024-26831, CVE-2024-28956, CVE-2024-43869, CVE-2024-46713, CVE-2024-49568, CVE-2024-50106, CVE-2024-50223, CVE-2024-53135, CVE-2024-54458, CVE-2024-56613, CVE-2024-56699, CVE-2024-57982, CVE-2024-58053, CVE-2024-58090, CVE-2024-58098, CVE-2024-58099, CVE-2024-58100, CVE-2024-58237, CVE-2024-58240, CVE-2025-21629, CVE-2025-21648, CVE-2025-21658, CVE-2025-21702, CVE-2025-21720, CVE-2025-21787, CVE-2025-21814, CVE-2025-21868, CVE-2025-21898, CVE-2025-21899, CVE-2025-21919, CVE-2025-21920, CVE-2025-21938, CVE-2025-21959, CVE-2025-21997, CVE-2025-22005, CVE-2025-22021, CVE-2025-22022, CVE-2025-22030, CVE-2025-22035, CVE-2025-22056, CVE-2025-22057, CVE-2025-22063, CVE-2025-22066, CVE-2025-22070, CVE-2025-22083, CVE-2025-22089, CVE-2025-22095, CVE-2025-22103, CVE-2025-22111, CVE-2025-22113, CVE-2025-22119, CVE-2025-22120, CVE-2025-22124, CVE-2025-22125, CVE-2025-22126, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-37738, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37743, CVE-2025-37747, CVE-2025-37748, CVE-2025-37749, CVE-2025-37750, CVE-2025-37752, CVE-2025-37754, CVE-2025-37755, CVE-2025-37756, CVE-2025-37757, CVE-2025-37758, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37780, CVE-2025-37781, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37797, CVE-2025-37798, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37815, CVE-2025-37819, CVE-2025-37820, CVE-2025-37823, CVE-2025-37824, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37833, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37858, CVE-2025-37859, CVE-2025-37862, CVE-2025-37865, CVE-2025-37867, CVE-2025-37870, CVE-2025-37871, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37879, CVE-2025-37881, CVE-2025-37884, CVE-2025-37886, CVE-2025-37887, CVE-2025-37889, CVE-2025-37890, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37917, CVE-2025-37918, CVE-2025-37921, CVE-2025-37923, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37929, CVE-2025-37930, CVE-2025-37931, CVE-2025-37932, CVE-2025-37933, CVE-2025-37936, CVE-2025-37937, CVE-2025-37938, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37946, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37953, CVE-2025-37954, CVE-2025-37957, CVE-2025-37958, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37974, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37989, CVE-2025-37990, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37997, CVE-2025-37998, CVE-2025-38000, CVE-2025-38001, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38007, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38020, CVE-2025-38022, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38053, CVE-2025-38057, CVE-2025-38059, CVE-2025-38060, CVE-2025-38065, CVE-2025-38068, CVE-2025-38072, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38083, CVE-2025-38104, CVE-2025-38119, CVE-2025-38152, CVE-2025-38234, CVE-2025-38240, CVE-2025-38255, CVE-2025-38263, CVE-2025-38351, CVE-2025-38402, CVE-2025-38408, CVE-2025-38418, CVE-2025-38419, CVE-2025-38456, CVE-2025-38465, CVE-2025-38466, CVE-2025-38488, CVE-2025-38514, CVE-2025-38526, CVE-2025-38527, CVE-2025-38533, CVE-2025-38544, CVE-2025-38556, CVE-2025-38574, CVE-2025-38584, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38597, CVE-2025-38605, CVE-2025-38614, CVE-2025-38616, CVE-2025-38622, CVE-2025-38623, CVE-2025-38637, CVE-2025-38639, CVE-2025-38640, CVE-2025-38643, CVE-2025-38645, CVE-2025-38659, CVE-2025-38660, CVE-2025-38664, CVE-2025-38668, CVE-2025-38676, CVE-2025-38678, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38687, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38697, CVE-2025-38698, CVE-2025-38701, CVE-2025-38702, CVE-2025-38705, CVE-2025-38706, CVE-2025-38709, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38727, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-38736, CVE-2025-39675, CVE-2025-39677, CVE-2025-39678, CVE-2025-39679, CVE-2025-39681, CVE-2025-39682, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39691, CVE-2025-39693, CVE-2025-39694, CVE-2025-39701, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39709, CVE-2025-39710, CVE-2025-39713, CVE-2025-39714, CVE-2025-39718, CVE-2025-39719, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39732, CVE-2025-39735, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39749, CVE-2025-39750, CVE-2025-39754, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39764, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39790, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39806, CVE-2025-39808, CVE-2025-39810, CVE-2025-39823, CVE-2025-39824, CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39832, CVE-2025-39833, CVE-2025-39835, CVE-2025-39838, CVE-2025-39839, CVE-2025-39842, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848, CVE-2025-39849, CVE-2025-39850, CVE-2025-39853, CVE-2025-39854, CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39882, CVE-2025-39885, CVE-2025-39889, CVE-2025-39891, CVE-2025-39907, CVE-2025-39920, CVE-2025-39923, CVE-2025-39925, CVE-2025-40014, CVE-2025-40300, CVE-2025-40325 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libavahi CVE-2024-52615 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libcairo2 CVE-2025-50422 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libgcrypt20 CVE-2024-2236 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libgnutls30 CVE-2025-6395, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libicu-suse65 CVE-2025-5222 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libopenssl CVE-2025-9230, CVE-2025-27587 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libpq5 CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libpython3 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4516, CVE-2025-4517, CVE-2025-6069, CVE-2025-8194 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libruby CVE-2024-35221, CVE-2025-6442, CVE-2025-27221 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libsqlite CVE-2025-3277, CVE-2025-6965 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libssh CVE-2025-4877, CVE-2025-4878, CVE-2025-5318, CVE-2025-5372, CVE-2025-8114, CVE-2025-8277 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libsystemd CVE-2025-4598 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libvmtools CVE-2025-41244 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
libxml2 CVE-2025-6021, CVE-2025-6170, CVE-2025-7425, CVE-2025-49794, CVE-2025-49795, CVE-2025-49796 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
net-tools CVE-2025-46836 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
netty CVE-2025-55163, CVE-2025-58056, CVE-2025-58057 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
pam CVE-2025-6018 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
per CVE-2025-40909 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
spring-security CVE-2024-38827, CVE-2025-22234, CVE-2025-41242, CVE-2025-41249, CVE-2025-41234 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
sudo CVE-2025-32462, CVE-2025-32463 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
tomcat CVE-2025-46701, CVE-2025-48988, CVE-2025-48989, CVE-2025-52520, CVE-2025-53506 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
vim CVE-2024-41965, CVE-2025-29768, CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-46696 Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-46696 Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies anbefaler at alle kunder tar hensyn til både grunnpoengsummen og alle relevante, midlertidige og miljømessige resultater som kan påvirke den potensielle alvorlighetsgraden knyttet til bestemte sikkerhetsproblemer.

Berørte produkter og utbedring

Product Affected Version Updated Version Link
Dell Secure Connect Gateway - Appliance Versions prior to 5.32.00.20 Version 5.32.00.20 or later https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers
Dell Secure Connect Gateway - Application  Versions 5.26.00 through 5.30.00 Version 5.32.00 or later https://www.dell.com/support/home/product-support/product/secure-connect-gateway-app-edition/drivers

 

Product Affected Version Updated Version Link
Dell Secure Connect Gateway - Appliance Versions prior to 5.32.00.20 Version 5.32.00.20 or later https://www.dell.com/support/product-details/product/secure-connect-gateway-ve/drivers
Dell Secure Connect Gateway - Application  Versions 5.26.00 through 5.30.00 Version 5.32.00 or later https://www.dell.com/support/home/product-support/product/secure-connect-gateway-app-edition/drivers

 

Endringshistorikk

RevisionDateDescription
1.02025-11-04Initial Release
2.02025-11-12Added CVE-2024-39929 to the remediated table and updated the remediated version
3.02025-12-16Updated the Affected Product and Remediation table. New patch 5.30.00.20 has been released for Secure Connect Gateway that addresses vulnerabilities of the Python library
4.02025-12-18Added CVE-2025-46696 to the remediated table

 

Bekreftelser

CVE-2025-46696: Dell would like to thank Ahmed Y. Elmogy for reporting this issue. 

Relatert informasjon

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridisk ansvarsfraskrivelse

Berørte produkter

Secure Connect Gateway, Secure Connect Gateway - Application Edition, Secure Connect Gateway - Virtual Edition
Artikkelegenskaper
Artikkelnummer: 000385230
Artikkeltype: Dell Security Advisory
Sist endret: 18 des. 2025
Få svar på spørsmålene dine fra andre Dell-brukere
Støttetjenester
Sjekk om enheten din er dekket av støttetjenestene.