DSA-2025-166: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities

Summary: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Geçici Çözümler ve Risk Azaltma

Etkilenen Ürünler

Bu makale şunlar için geçerlidir: Bu makale şunlar için geçerli değildir: Bu makale, belirli bir ürüne bağlı değildir. Bu makalede tüm ürün sürümleri tanımlanmamıştır.

Diğer kaynaklara göz atın

Impact

Critical

Details

Third-Party Component	CVEs	More information
Dell PowerEdge Server BIOS	CVE-2024-28047, CVE-2024-36293, CVE-2024-39279, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2024-28956, CVE-2024-31068, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-20064, CVE-2025-20105, CVE-2025-20028, CVE-2025-20027, CVE-2025-20073	DSA-2025-041, DSA-2025-042, DSA-2025-156, DSA-2025-297, DSA-2024-381, DSA-2025-038
Dell Remote Access Controller (iDRAC)	CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-26466, CVE-2024-48012, CVE-2025-22397	DSA-2025-146, DSA-2025-156, DSA-2025-376

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Etkilenen Ürünler ve Düzeltme

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale F200	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale F600	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale F900	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale B100	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale P100	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F210	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F710	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F910	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale F200	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale F600	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale F900	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale B100	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073	PowerScale P100	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F210	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F710	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F910	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area

Notes:

We encourage all customers to upgrade to the remediated versions. If an upgrade is not feasible, customers should review the CVE details to determine potential risk to their environments.
To identify which nodes require upgrading, please refer to the firmware assessment report. For instructions on completing the assessment and report, please refer to the "Run a firmware assessment" section in PowerScale Node Firmware Package 13.1.3 Release Notes documented in Firmware - PowerScale Info Hub.
Due to the NFP installation issue with parallel upgrade, customers are advised not to perform parallel upgrades on version prior to 9.9.0.0.

Geçici Çözümler ve Risk Azaltma

None

Revision History

Revision	Date	Description
1.0	2025-10-14	Initial Release
2.0	2026-02-25	Major update to include CVE-2025-22397
3.0	2026-04-28	Major update to include CVE-2025-20064, CVE-2025-20105, CVE-2025-20028, CVE-2025-20027 and CVE-2025-20073

Related Information

Yasal Uyarı

Etkilenen Ürünler

PowerScale OneFS, PowerScale B100, PowerScale F200, PowerScale F210, PowerScale F600, PowerScale F710, PowerScale F900, PowerScale F910, PowerScale P100

Article Number: 000363693

Article Type: Dell Security Advisory

Son Değiştirme: 28 Nis 2026

Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.

DSA-2025-166: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities

Summary: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Impact

Details

Etkilenen Ürünler ve Düzeltme

Geçici Çözümler ve Risk Azaltma

Revision History

İlgili Bilgiler

Yasal Uyarı

Etkilenen Ürünler

Impact

Details

Etkilenen Ürünler ve Düzeltme

Geçici Çözümler ve Risk Azaltma

Revision History

Related Information

Yasal Uyarı

Etkilenen Ürünler

Makale Özellikleri

Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun

Destek Hizmetleri

Makale Özellikleri

Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun

Destek Hizmetleri

DSA-2025-166: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities

Summary: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Ayrıntılı Makale

Impact

Details

Etkilenen Ürünler ve Düzeltme

Geçici Çözümler ve Risk Azaltma

Revision History

Related Information

Yasal Uyarı

Etkilenen Ürünler

Makale Özellikleri

Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun

Destek Hizmetleri

Makale Özellikleri

Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun

Destek Hizmetleri