DSA-2026-086: Security Update for Dell Avamar Data Store Gen5A Multiple Third-Party Component Vulnerabilities
Summary: Dell Avamar Data Store Gen5A remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Bu makale şunlar için geçerlidir:
Bu makale şunlar için geçerli değildir:
Bu makale, belirli bir ürüne bağlı değildir.
Bu makalede tüm ürün sürümleri tanımlanmamıştır.
Impact
High
Details
| Third-party Component | CVEs | More Information |
| Dell Server PowerEdge BIOS R740xd | CVE-2024-28047 | DSA-2025-041 |
| Intel X710 NIC | CVE-2025-24486, CVE-2025-25273, CVE-2025-21086, CVE-2025-26863, CVE-2025-26697, CVE-2025-24511, CVE-2025-31146 | DSA-2025-324, DSA-2025-430 |
| Integrated Dell Remote Access Controller (iDRAC) | CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 | DSA-2025-297 |
Etkilenen Ürünler ve Düzeltme
| CVEs | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2024-28047 | Dell Avamar Data Store Gen5A | Dell Server PowerEdge BIOS R740xd | Versions prior to 2.25.0 | Version 2.25.0 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVE-2025-24486, CVE-2025-25273, CVE-2025-21086, CVE-2025-26863, CVE-2025-26697, CVE-2025-24511, CVE-2025-31146 | Dell Avamar Data Store Gen5A | Intel X710 NIC | Version prior to 24.0.0 | Version 24.0.0 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 | Dell Avamar Data Store Gen5A | Integrated Dell Remote Access Controller (iDRAC) | Version prior to 7.00.00.183 | Version 7.00.00.183 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVEs | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2024-28047 | Dell Avamar Data Store Gen5A | Dell Server PowerEdge BIOS R740xd | Versions prior to 2.25.0 | Version 2.25.0 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVE-2025-24486, CVE-2025-25273, CVE-2025-21086, CVE-2025-26863, CVE-2025-26697, CVE-2025-24511, CVE-2025-31146 | Dell Avamar Data Store Gen5A | Intel X710 NIC | Version prior to 24.0.0 | Version 24.0.0 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
| CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 | Dell Avamar Data Store Gen5A | Integrated Dell Remote Access Controller (iDRAC) | Version prior to 7.00.00.183 | Version 7.00.00.183 | Avamar Gen5a Jan 2026 firmware block (Hotfix 952820) |
Notes:
- The README file, included in the hotfix .zip download package, provides a comprehensive list of vulnerabilities remediated in this cumulative update, including both recent and previously identified vulnerabilities.
- To schedule a platform security patch installation or server upgrade, please contact Dell Customer Support. Dell recommends upgrading the latest release/version of your product.
- For a detailed example of how to apply an AVP-based hotfix, refer to KB 000069982: How to install an Avamar .avp hotfix using Avamar Installer (AVI).
Known Issue:
- Upgrading directly to the January 2026 firmware, which includes BIOS 2.25.0, may fail on systems running BIOS versions prior to 2.12.2, due to compatibility constraints.
Required Action:
- To verify the BIOS version, run the following command in the Avamar console as an admin/root user:
omreport system version
If the BIOS version is earlier than 2.12.2 contact Dell Customer Support to apply the September 2021 firmware block (AVP: Gen5aSep2021Blk338753.avp) before installing the January 2026 firmware.
Geçici Çözümler ve Risk Azaltma
None
Revision History
| Revision | Date | Description |
| 1.0 | 2026-03-10 | Initial Release |
| 2.0 | 2026-04-29 | CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 added to DSA |
Related Information
Yasal Uyarı
Etkilenen Ürünler
Avamar, Avamar Data Store, Avamar Data Store Gen5A, Avamar ServerMakale Özellikleri
Article Number: 000437829
Article Type: Dell Security Advisory
Son Değiştirme: 29 Nis 2026
Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun
Destek Hizmetleri
Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.