The official site for Saudi CERT
DELL EMC Updates
2278
Warning Date
Severity Level
Warning Number
Target Sector
8 April, 2020
● High
2020-1107
All
Description:
DELL EMC has released a security updates to address several vulnerabilities in the following products:
- Dell Wyse Windows 10 IoT Enterprise 2016 LTSB prior to applying KB-4534271
- Dell Wyse Windows 10 IoT Enterprise 2019 LTSC prior to applying KB-4534273
- Dell Wyse Management Suite versions prior to 2.0
- Dell Wyse Management Repository versions prior to 2.0
- Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Execute arbitrary code
- Memory corruption
Best practice and Recommendations:
The CERT team encourages users to review DELL EMC security advisory and apply the necessary updates:
- https://www.dell.com/support/article/en-us/sln320830/dsa-2020-071-dell-wyse-windows-10-iot-enterprise-security-update-for-windows-cryptoapi-vulnerability?lang=en
- https://www.dell.com/support/article/en-us/sln320829/dsa-2020-070-dell-wyse-management-suite-and-dell-wyse-management-repository-security-update-for-apache-tomcat-vulnerability?lang=en
- https://www.dell.com/support/security/en-us/details/542649/DSA-2020-080-Dell-EMC-Data-Protection-Advisor-Hard-Coded-Credential-Vulnerability
Rate the content
Share the page
