SB2025012272 - Multiple vulnerabilities in Dell PowerFlex appliance
Published: January 22, 2025 Updated: June 20, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 13 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2023-20526)
The vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied input in the ASP Bootloader. An attacker with physical access to device can read contents of ASP memory.
2) Deserialization of Untrusted Data (CVE-ID: CVE-2023-46604)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data in the OpenWire protocol. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
3) Improper access control (CVE-ID: CVE-2023-34056)
The vulnerability allows a remote user to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions. A remote user can bypass implemented security restrictions and gain unauthorized access to sensitive information.
4) Out-of-bounds write (CVE-ID: CVE-2023-34048)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the DCERPC protocol implementation. A remote non-authenticated attacker can send a specially crafted RPC request to the vCenter Server, trigger an out-of-bounds write and execute arbitrary code on the target system.
Note, the vulnerability is being actively exploited in the wild since late 2021.
5) Incomplete cleanup (CVE-ID: CVE-2021-46766)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to incomplete clearing of sensitive data in the ASP Bootloader. A local user with access to ASP SRAM can gain access to sensitive information.
6) Out-of-bounds write (CVE-ID: CVE-2023-20533)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
7) Time-of-check Time-of-use (TOCTOU) Race Condition (CVE-ID: CVE-2023-20521)
The vulnerability allows an attacker to perform a denial of service attack.
The vulnerability exists due to a race condition in ASP Bootloader. An attacker with physical access to device can tamper with SPI ROM records after memory content verification and gain access to sensitive information of perform a denial of service (DoS) attack.
8) Use-after-free (CVE-ID: CVE-2023-20519)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in the management of an SNP guest context page. A malicious hypervisor can masquerade as the guest's migration agent and perform a denial of service (DoS) attack.
9) Configuration (CVE-ID: CVE-2022-23830)
The issue may allow a local user to bypass implemented security restrictions.
The issue exists due to immutable SMM configuration when SNP is enabled. A local user can modify guest memory.
10) Buffer overflow (CVE-ID: CVE-2022-23820)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper validation of the AMD SMM communication buffer. A local user can corrupt the SMRAM and execute arbitrary code on the system.
11) Out-of-bounds write (CVE-ID: CVE-2021-46774)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing DRAM address in System
Management Unit (SMU). A local user can trigger an out-of-bounds write and perform a denial of service (DoS) attack.
12) Input validation error (CVE-ID: CVE-2023-20566)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input n ASP with SNP enabled. A local user can compromise guest memory integrity.
13) Out-of-bounds read (CVE-ID: CVE-2021-26345)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in APCB. A local user can trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.