Advisory for Dell Security Update
- NIC-CERT/2022-12/514
- Date: 2022-12-20
- CVE ID: Multiple
- Severity: Critical
Advisory for Dell Security Update
Description:
A vulnerability has been found in dell product which could allow an attacker to take control of the affected system.
Security Issues fixed:
Dell OpenManage Server Administrator (OMSA), Dell Wyse Management Suite (WMS),Dell Client Consumer remediation is available for DLL Injection Vulnerability and Dell Client Consumer platform remediation is available for Realtek High-Definition Audio Driver vulnerability, Dell NetWorker Management Console remediation is available for Apache Vulnerability in port 9090 that may be exploited by malicious users to compromise the affected system.
Details:
|
Proprietary Code CVEs |
Description |
|
CVE-2022-34396 |
Dell OpenManage Server Administrator (OMSA) version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attackermay potentially exploit thisvulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. Exploitation may lead to a complete system compromise. |
|
CVE-2022-46754 |
Wyse Management Suite 3.8 and earlier contain an improper access control vulnerability. An authenticated malicious admin user may potentially access certain pro license features for which this admin is not authorized in order to configure user controlled external entities. |
|
CVE-2022-46755 |
Wyse Management Suite 3.8 and earlier contain an improper access control vulnerability. An authenticated malicious admin user may potentially edit general client policy for which the user is not authorized. |
|
CVE-2022-46677 |
Wyse Management Suite 3.8 and earlier contain an improper access control vulnerability. An authenticated malicious admin user may potentially create a subgroup under a group for which the admin is not authorized. |
|
CVE-2022-46678 |
Wyse Management Suite 3.8 and earlier contain an improper access control vulnerability. An authenticated malicious admin user may potentially edit general client policy for which the user is not authorized. |
|
CVE-2022-46676 |
Wyse Management Suite 3.8 and earlier contain an improper access control vulnerability. A malicious admin user may potentially disable or delete users under administration and unassigned admins for which the group admin is not authorized. |
|
CVE-2022-46675 |
Wyse Management Suite Repository 3.8 and earlier contain an information disclosure vulnerability in error pages with which an attacker may potentially discover the internal structure of the application and its components and use this information for further vulnerability research. |
|
CVE-2022-34405 |
An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated attacker may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system. |
- Affected Products and Solution:
|
Product |
Affected Versions |
Updated Versions |
Link To Update |
|||||||
|
Dell OpenManage Server Administrator (OMSA) |
Version 10.3.0.0 and earlier |
Dell OpenManage Server Administrator hotfix 246014 for Windows |
https://www.dell.com/support/home/drivers/driversdetails?driverid=VR638 |
|||||||
|
Dell Wyse Management Suite |
3.8 and earlier |
4.0 |
Dell Wyse Management Suite |
|||||||
|
Dell Wyse Management Suite Repository |
3.8 and earlier |
4.0 |
Dell Wyse Management Suite Repository |
|||||||
|
|
Affected Versions |
Updated Versions or later |
Link to Update |
|||||||
|
R6515 |
Before 2.9.3 |
2.9.3 |
R6515 Drivers & Downloads |
|||||||
|
R7515 |
Before 2.9.3 |
2.9.3 |
R7515 Drivers & Downloads |
|||||||
|
R6525 |
Before 2.9.3 |
2.9.3 |
R6525 Drivers & Downloads |
|||||||
|
R7525 |
Before 2.9.3 |
2.9.3 |
R7525 Drivers & Downloads |
|||||||
|
XE8545 |
Before 2.9.4 |
2.9.4 |
XE8545 Drivers & Downloads |
|||||||
|
C6525 |
Before 2.9.4 |
2.9.4 |
C6525 Drivers & Downloads |
|||||||
|
R6415 |
Before 1.19.0 |
1.19.0 |
R6415 Drivers & Downloads |
|||||||
|
R7415 |
Before 1.19.0 |
1.19.0 |
R7415 Drivers & Downloads |
|||||||
|
R7425 |
Before 1.19.0 |
1.19.0 |
R7425 Drivers & Downloads |
|||||||
|
R750 |
Before 1.8.2 |
1.8.2 |
R750 Drivers & Downloads |
|||||||
|
R750XA |
Before 1.8.2 |
1.8.2 |
R750XA Drivers & Downloads |
|||||||
|
R650 |
Before 1.8.2 |
1.8.2 |
R650 Drivers & Downloads |
|||||||
|
C6520 |
Before 1.8.2 |
1.8.2 |
C6520 Drivers & Downloads |
|||||||
|
MX750c |
Before 1.8.2 |
1.8.2 |
MX750c Drivers & Downloads |
|||||||
|
R450 |
Before 1.8.2 |
1.8.2 |
R450 Drivers & Downloads |
|||||||
|
R550 |
Before 1.8.2 |
1.8.2 |
R550 Drivers & Downloads |
|||||||
|
R650xs |
Before 1.8.2 |
1.8.2 |
R650xs Drivers & Downloads |
|||||||
|
R750xs |
Before 1.8.2 |
1.8.2 |
R750xs Drivers & Downloads |
|||||||
|
T550 |
Before 1.8.2 |
1.8.2 |
T550 Drivers & Downloads |
|||||||
|
XR11 |
Before 1.8.2 |
1.8.2 |
XR11 Drivers & Downloads |
|||||||
|
XR12 |
Before 1.8.2 |
1.8.2 |
XR12 Drivers & Downloads |
|||||||
|
R250 |
Before 1.4.2 |
1.4.2 |
R250 Drivers & Downloads |
|||||||
|
R350 |
Before 1.4.2 |
1.4.2 |
R350 Drivers & Downloads |
|||||||
|
T150 |
Before 1.4.2 |
1.4.2 |
T150 Drivers & Downloads |
|||||||
|
T350 |
Before 1.4.2 |
1.4.2 |
T350 Drivers & Downloads |
|||||||
|
R740 |
Before 2.16.1 |
2.16.1 |
R740 Drivers & Downloads |
|||||||
|
R740XD |
Before 2.16.1 |
2.16.1 |
R740XD Drivers & Downloads |
|||||||
|
R640 |
Before 2.16.1 |
2.16.1 |
R640 Drivers & Downloads |
|||||||
|
R940 |
Before 2.16.1 |
2.16.1 |
R940 Drivers & Downloads |
|||||||
|
R540 |
Before 2.16.1 |
2.16.1 |
R540 Drivers & Downloads |
|||||||
|
R440 |
Before 2.16.1 |
2.16.1 |
R440 Drivers & Downloads |
|||||||
|
T440 |
Before 2.16.1 |
2.16.1 |
T440 Drivers & Downloads |
|||||||
|
XR2 |
Before 2.16.1 |
2.16.1 |
XR2 Drivers & Downloads |
|||||||
|
R740XD2 |
Before 2.16.1 |
2.16.1 |
R740XD2 Drivers & Downloads |
|||||||
|
R840 |
Before 2.16.1 |
2.16.1 |
R840 Drivers & Downloads |
|||||||
|
R940XA |
Before 2.16.1 |
2.16.1 |
R940XA Drivers & Downloads |
|||||||
|
T640 |
Before 2.16.1 |
2.16.1 |
T640 Drivers & Downloads |
|||||||
|
C6420 |
Before 2.16.1 |
2.16.1 |
C6420 Drivers & Downloads |
|||||||
|
FC640 |
Before 2.16.1 |
2.16.1 |
FC640 Drivers & Downloads |
|||||||
|
M640 |
Before 2.16.1 |
2.16.1 |
M640 Drivers & Downloads |
|||||||
|
M640P |
Before 2.16.1 |
2.16.1 |
M640P Drivers & Downloads |
|||||||
|
MX740C |
Before 2.16.1 |
2.16.1 |
MX740C Drivers & Downloads |
|||||||
|
MX840C |
Before 2.16.1 |
2.16.1 |
MX840C Drivers & Downloads |
|||||||
|
C4140 |
Before 2.16.1 |
2.16.1 |
C4140 Drivers & Downloads |
|||||||
|
DSS8440 |
Before 2.16.1 |
2.16.1 |
DSS8440 Drivers & Downloads |
|||||||
|
T140 |
Before 2.11.1 |
2.11.1 |
T140 Drivers & Downloads |
|||||||
|
T340 |
Before 2.11.1 |
2.11.1 |
T340 Drivers & Downloads |
|||||||
|
R240 |
Before 2.11.1 |
2.11.1 |
R240 Drivers & Downloads |
|||||||
|
R340 |
Before 2.11.1 |
2.11.1 |
R340 Drivers & Downloads |
|||||||
|
XE2420 |
Before 2.16.0 |
2.16.0 |
XE2420 Drivers & Downloads |
|||||||
|
XE7420 |
Before 2.16.1 |
2.16.1 |
XE7420 Drivers & Downloads |
|||||||
|
XE7440 |
Before 2.16.1 |
2.16.1 |
XE7440 Drivers & Downloads |
|||||||
|
R730 |
Before 2.16.0 |
2.16.0 |
R730 Drivers & Downloads |
|||||||
|
R730xd |
Before 2.16.0 |
2.16.0 |
R730XD Drivers & Downloads |
|||||||
|
R630 |
Before 2.16.0 |
2.16.0 |
R630 Drivers & Downloads |
|||||||
|
C4130 |
Before 2.16.0 |
2.16.0 |
C4130 Drivers & Downloads |
|||||||
|
R930 |
Before 2.16.0 |
2.11.0 |
R930 Drivers & Downloads |
|||||||
|
M630 |
Before 2.16.0 |
2.16.0 |
M630 Drivers & Downloads |
|||||||
|
M630p |
Before 2.16.0 |
2.16.0 |
M630P Drivers & Downloads |
|||||||
|
FC630 |
Before 2.16.0 |
2.16.0 |
FC630 Drivers & Downloads |
|||||||
|
FC430 |
Before 2.16.0 |
2.16.0 |
FC430 Drivers & Downloads |
|||||||
|
M830 |
Before 2.16.0 |
2.16.0 |
M830 Drivers & Downloads |
|||||||
|
M830p |
Before 2.16.0 |
2.16.0 |
M830P Drivers & Downloads |
|||||||
|
FC830 |
Before 2.16.0 |
2.16.0 |
FC830 Drivers & Downloads |
|||||||
|
T630 |
Before 2.16.0 |
2.16.0 |
T630 Drivers & Downloads |
|||||||
|
R530 |
Before 2.16.0 |
2.16.0 |
R530 Drivers & Downloads |
|||||||
|
R430 |
Before 2.16.0 |
2.16.0 |
R430 Drivers & Downloads |
|||||||
|
T430 |
Before 2.16.0 |
2.16.0 |
T430 Drivers & Downloads |
|||||||
|
R830 |
Before 1.16.0 |
1.16.0 |
R830 Drivers & Downloads |
|||||||
|
C6320 |
Before 2.16.0 |
2.16.0 |
C6320 Drivers & Downloads |
|||||||
|
T130 |
Before 2.16.0 |
2.16.0 |
T130 Drivers & Downloads |
|||||||
|
R230 |
Before 2.16.0 |
2.16.0 |
R230 Drivers & Downloads |
|||||||
|
T330 |
Before 2.16.0 |
2.16.0 |
T330 Drivers & Downloads |
|||||||
|
R330 |
Before 2.16.0 |
2.16.0 |
R330 Drivers & Downloads |
|||||||
|
NetWorker |
19.7.x and earlier |
19.8 |
https://www.dell.com/support/home/en-in/product-support/product/networker/drivers |
|||||||
|
Dell Data Protection Central |
19.1 |
19.8 |
To upgrade your Dell Data Protection Central system, see Dell KB article 34881:Data Protection Central: How to Install the Data Protection Central operating system Updatefor installation instructions. |
|||||||
|
19.2 |
19.8 |
|||||||||
|
19.3 |
19.8 |
|||||||||
|
19.4 |
19.8 |
|||||||||
|
19.5 |
19.8 |
|||||||||
|
19.6 |
19.8 |
|||||||||
|
19.7 |
19.8 |
|||||||||
|
PowerProtect DP Series Appliance (Integration Data Protection Appliance) |
2.5 |
2.7.x |
To upgrade your PowerProtect DP Series Appliance Dell Data Protection Central component, see Dell KB article34881:Data Protection Central: How to Install the Data Protection Central operating system Updatefor installation instructions. |
|||||||
|
2.6.x |
2.7.x |
|||||||||
|
2.7.x |
2.7.x |
|||||||||
|
Product |
Affected Versions |
Updated Versions |
Link to Update |
|||||||
|
NetWorker Management Console |
19.4.x |
19.7 and later releases |
Support for NetWorker | Drivers & Downloads | Dell India |
|||||||
|
Product |
BIOS Update Version |
BIOS Release Date |
|
Alienware m15 R6 |
1.17.0 |
10-19-2022 |
|
Alienware m15 R7 |
1.4.3 |
09-29-2022 |
|
Alienware m15 Ryzen Edition R5 |
1.8.0 |
10-26-2022 |
|
Alienware m17 R5 AMD |
1.4.3 |
09-29-2022 |
|
Dell G15 5510 |
1.16.0 |
10-11-2022 |
|
Dell G15 5511 |
1.18.0 |
10-11-2022 |
|
Dell G15 5515 |
1.8.0 |
10-26-2022 |
|
Dell G15 5525 |
1.4.3 |
09-29-2022 |
|
Dell G5 SE 5505 |
1.13.0 |
11-08-2022 |
|
Inspiron 14 5410 2-in-1 |
2.15.2 |
11-15-2022 |
|
Inspiron 15 3511 |
1.18.2 |
11-21-2022 |
|
Inspiron 3195 2-in-1 |
1.6.0 |
10-26-2022 |
|
Inspiron 3275 |
1.9.2 |
10-05-2022 |
|
Inspiron 3475 |
1.9.2 |
10-05-2022 |
|
Inspiron 3505 |
1.9.0 |
10-11-2022 |
|
Inspiron 3515 |
1.9.0 |
10-11-2022 |
|
Inspiron 3525 |
1.5.0 |
10-13-2022 |
|
Inspiron 3585 |
1.10.0 |
10-26-2022 |
|
Inspiron 3595 |
1.5.0 |
10-26-2022 |
|
Inspiron 3785 |
1.10.0 |
10-26-2022 |
|
Inspiron 3891 |
1.12.0 |
10-17-2022 |
|
Inspiron 5310 |
2.15.0 |
10-11-2022 |
|
Inspiron 5405 |
1.9.0 |
11-08-2022 |
|
Inspiron 5410 |
2.14.0 |
10-07-2022 |
|
Inspiron 5415 |
1.13.0 |
11-08-2022 |
|
Inspiron 5425 |
1.5.0 |
10-11-2022 |
|
Inspiron 5485 |
2.11.0 |
10-26-2022 |
|
Inspiron 5485 2-in-1 |
2.11.0 |
10-26-2022 |
|
Inspiron 5505 |
1.9.0 |
11-08-2022 |
|
Inspiron 5510 |
2.15.2 |
11-15-2022 |
|
Inspiron 5515 |
1.13.0 |
11-08-2022 |
|
Inspiron 5585 |
2.11.0 |
10-26-2022 |
|
Inspiron 7405 2-in-1 |
1.10.1 |
12-01-2022 |
|
Inspiron 7415 |
1.13.0 |
11-09-2022 |
|
Inspiron 7425 |
1.5.0 |
10-11-2022 |
|
Inspiron 7510 |
1.12.0 |
10-12-2022 |
|
Inspiron 7610 |
1.12.0 |
10-12-2022 |
|
Latitude 3320 |
1.18.2 |
11-15-2022 |
|
Latitude 3420 |
1.23.2 |
11-07-2022 |
|
Latitude 3520 |
1.23.2 |
11-07-2022 |
|
Latitude 5320 |
1.24.3 |
11-16-2022 |
|
Latitude 5420 |
1.22.0 |
10-17-2022 |
|
Latitude 5520 |
1.24.3 |
11-16-2022 |
|
Latitude 5521 |
1.17.3 |
11-16-2022 |
|
Latitude 7320 |
1.20.0 |
10-17-2022 |
|
Latitude 7320 Detachable |
1.17.2 |
11-22-2022 |
|
Latitude 7420 |
1.20.0 |
10-17-2022 |
|
Latitude 7520 |
1.20.0 |
10-17-2022 |
|
Latitude 9420 |
1.16.2 |
11-22-2022 |
|
Latitude 9520 |
1.17.0 |
10-17-2022 |
|
Latitude Rugged 5430 |
1.12.0 |
10-11-2022 |
|
Latitude Rugged 7330 |
1.12.0 |
10-11-2022 |
|
Latitude 5421 |
1.15.0 |
10-17-2022 |
|
OptiPlex 3090 Ultra |
1.15.0 |
10-12-2022 |
|
OptiPlex 5090 |
1.12.0 |
10-17-2022 |
|
OptiPlex 5490 All-In-One |
1.15.0 |
10-11-2022 |
|
OptiPlex 7090 Tower |
1.12.0 |
10-11-2022 |
|
OptiPlex 7090 Ultra |
1.15.0 |
10-12-2022 |
|
OptiPlex 7490 AIO |
1.15.0 |
10-11-2022 |
|
Precision 3450 |
1.12.0 |
10-11-2022 |
|
Precision 3560 |
1.24.3 |
11-16-2022 |
|
Precision 3561 |
1.17.3 |
11-16-2022 |
|
Precision 3650 Tower |
1.16.0 |
10-11-2022 |
|
Precision 5560 |
1.15.2 |
11-21-2022 |
|
Precision 5760 |
1.15.2 |
11-16-2022 |
|
Precision 7560 |
1.16.0 |
10-14-2022 |
|
Precision 7760 |
1.16.0 |
10-14-2022 |
|
Vostro 3405 |
1.9.0 |
10-11-2022 |
|
Vostro 3425 |
1.5.0 |
10-13-2022 |
|
Vostro 3510 |
1.18.2 |
11-21-2022 |
|
Vostro 3515 |
1.9.0 |
10-11-2022 |
|
Vostro 3525 |
1.5.0 |
10-13-2022 |
|
Vostro 3690 |
1.12.0 |
10-17-2022 |
|
Vostro 3890 |
1.12.0 |
10-17-2022 |
|
Vostro 5310 |
2.15.0 |
10-11-2022 |
|
Vostro 5410 |
2.15.2 |
11-15-2022 |
|
Vostro 5415 |
1.13.0 |
11-08-2022 |
|
Vostro 5510 |
2.15.2 |
11-15-2022 |
|
Vostro 5515 |
1.13.0 |
11-08-2022 |
|
Vostro 5625 |
1.5.0 |
10-11-2022 |
|
Vostro 5890 |
1.12.0 |
10-11-2022 |
|
Vostro 7510 |
1.12.0 |
10-12-2022 |
|
XPS 15 9510 |
1.15.2 |
11-21-2022 |
|
XPS 17 9710 |
1.15.2 |
11-14-2022 |
References:
https://www.dell.com/support/security/en-in
