DSA-2025-166: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities
摘要: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Critical
詳細資料
| Third-Party Component | CVEs | More information |
| Dell PowerEdge Server BIOS | CVE-2024-28047, CVE-2024-36293, CVE-2024-39279, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2024-28956, CVE-2024-31068, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-20064, CVE-2025-20105, CVE-2025-20028, CVE-2025-20027, CVE-2025-20073 | DSA-2025-041, DSA-2025-042, DSA-2025-156, DSA-2025-297, DSA-2024-381, DSA-2025-038 |
| Dell Remote Access Controller (iDRAC) | CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-26466, CVE-2024-48012, CVE-2025-22397 | DSA-2025-146, DSA-2025-156, DSA-2025-376 |
受影響的產品與補救措施
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale F200 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale F600 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale F900 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale B100 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale P100 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 | PowerScale F210 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 | PowerScale F710 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 | PowerScale F910 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale F200 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale F600 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale F900 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale B100 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027, CVE-2025-20105, CVE-2025-20073 | PowerScale P100 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 | PowerScale F210 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 | PowerScale F710 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
| CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 | PowerScale F910 | PowerScale Node Firmware Package | Versions prior to 13.1.3 | Version 13.1.3 or later | PowerScale OneFS Downloads Area |
Notes:
- We encourage all customers to upgrade to the remediated versions. If an upgrade is not feasible, customers should review the CVE details to determine potential risk to their environments.
- To identify which nodes require upgrading, please refer to the firmware assessment report. For instructions on completing the assessment and report, please refer to the "Run a firmware assessment" section in PowerScale Node Firmware Package 13.1.3 Release Notes documented in Firmware - PowerScale Info Hub.
- Due to the NFP installation issue with parallel upgrade, customers are advised not to perform parallel upgrades on version prior to 9.9.0.0.
因應措施與緩解措施
None
修訂歷史記錄
| Revision | Date | Description |
| 1.0 | 2025-10-14 | Initial Release |
| 2.0 | 2026-02-25 | Major update to include CVE-2025-22397 |
| 3.0 | 2026-04-28 | Major update to include CVE-2025-20064, CVE-2025-20105, CVE-2025-20028, CVE-2025-20027 and CVE-2025-20073 |
相關資訊
法律免責聲明
受影響的產品
PowerScale OneFS, PowerScale B100, PowerScale F200, PowerScale F210, PowerScale F600, PowerScale F710, PowerScale F900, PowerScale F910, PowerScale P100文章屬性
文章編號: 000363693
文章類型: Dell Security Advisory
上次修改時間: 28 4月 2026
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。