WARNING: DELL ENTERPRISE SONIC OS COMMAND INJECTION, PATCH IMMEDIATELY!
CVE-2024-45763: CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVE-2024-45764: CVSS 9.0 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVE-2024-45765: CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
Sources
Dell - https://www.dell.com/support/kbdoc/en-us/000245655/dsa-2024-449-security...
Risks
Dell Enterprise SONiC OS is a network operating system widely used in data centers and cloud environments. Its role in managing network infrastructure makes it a valuable target for threat actors seeking to disrupt services or gain unauthorized access.
Description
Exploitation of these vulnerabilities allows attackers to:
CVE-2024-45763 & CVE-2024-45765: Execute arbitrary OS commands remotely, potentially leading to full system compromise.
CVE-2024-45764: Bypass authentication mechanisms, granting unauthorized access to system functionalities.
Given the critical severity, it is imperative to apply the recommended updates provided by Dell to mitigate these risks.
Recommended actions
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends that organizations scale up their monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/en/cert/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.