Dell security advisory (AV26-181)
Analysis Summary
# Vulnerability: Multiple Vulnerabilities in Dell PowerStore and PowerEdge Servers
## CVE Details
*Note: The primary advisory (AV26-181) acts as a rollup. Specific CVE identifiers are contained within the individual sub-advisories.*
- **CVE ID:** Multiple (See DSA-2026-115, DSA-2026-075, DSA-2026-119)
- **CVSS Score:** Cumulative Critical/High (Scores depend on specific CVEs within sub-advisories)
- **CWE:** Varies (Includes hardware-level vulnerabilities and firmware-based weaknesses)
## Affected Systems
- **Products:**
  - Dell PowerStore T Storage Systems
  - Dell PowerEdge Servers (AMD-based models)
  - Dell PowerEdge Servers utilizing NVIDIA Bluefield, ConnectX, and DOCA components
- **Versions:**
  - PowerStore T: Versions prior to 4.3.1.0-2662695
  - PowerEdge: Multiple versions and models (Refer to specific DSAs for granular model lists)
- **Configurations:** Systems utilizing AMD processors or NVIDIA networking/DPU hardware.
## Vulnerability Description
This advisory covers three main areas of security updates:
1. **PowerStore T:** Addresses multiple vulnerabilities within the storage operating environment that could lead to unauthorized access or system compromise.
2. **AMD-based PowerEdge:** Addresses firmware-level hardware vulnerabilities specific to AMD processor integration.
3. **NVIDIA Infrastructure:** Addresses vulnerabilities in NVIDIA Bluefield DPUs, ConnectX SmartNICs, and the DOCA software framework integrated into Dell PowerEdge environments.
## Exploitation
- **Status:** Not exploited (No reports of active exploitation in the wild as of the advisory date).
- **Complexity:** Varies (Medium to High for hardware-level firmware exploits).
- **Attack Vector:** Network / Local (Depending on the specific component).
## Impact
- **Confidentiality:** High (Risk of data exposure and memory leakage).
- **Integrity:** High (Risk of firmware tampering or unauthorized privilege escalation).
- **Availability:** High (Potential for Denial of Service (DoS) or system instability).
## Remediation
### Patches
Dell recommends updating to the following versions or higher:
- **Dell PowerStore T:** Version 4.3.1.0-2662695
- **Dell AMD-based PowerEdge:** Refer to DSA-2026-075 for specific BIOS/Firmware update versions per server model.
- **NVIDIA Components:** Refer to DSA-2026-119 for updated Bluefield/ConnectX firmware and DOCA driver versions.
### Workarounds
- Ensure management interfaces (iDRAC, PowerStore Manager) are isolated on a dedicated management network.
- Restrict physical and local OS access to authorized administrators only.
## Detection
- **Indicators of Compromise:** Unusual administrative logins, unexpected firmware checksum mismatches, or unauthorized system reboots.
- **Detection Methods and Tools:** Utilize **Dell OpenManage** or **SupportAssist** to audit current firmware versions against the recommended patch levels.
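
The version audit described above can be scripted once versions are exported from an inventory tool. The following is an added example, not Dell tooling or code from the advisory: it classifies PowerStore T version strings against the fixed release 4.3.1.0-2662695. The appliance names and sample versions are constructed, and the code assumes reported versions use the same `a.b.c.d-build` layout as the fixed version, with build numbers that increase over time.

```python
import re

# Fixed PowerStore T release named in the advisory.
FIXED_POWERSTORE_T = "4.3.1.0-2662695"

# Assumed layout: four dotted numeric fields, a hyphen, then a numeric build.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)-(\d+)$")


def parse_version(text):
    """Return the five numeric fields as a tuple of ints, or None if malformed."""
    match = _VERSION_RE.match(text.strip())
    return tuple(int(part) for part in match.groups()) if match else None


def classify(version_text, fixed=FIXED_POWERSTORE_T):
    """Classify one reported version as 'patched', 'vulnerable' or 'unknown'."""
    current = parse_version(version_text)
    if current is None:
        # An unparsable value is never treated as patched; it needs a manual check.
        return "unknown"
    # Tuple comparison is numeric per field, so 4.10 sorts after 4.3.
    return "patched" if current >= parse_version(fixed) else "vulnerable"


def audit(inventory):
    """Map each appliance name to its classification."""
    return {name: classify(version) for name, version in inventory}


# Constructed sample inventory (hypothetical appliance names and versions).
SAMPLE_INVENTORY = [
    ("pstore-a", "4.3.1.0-2662695"),   # exactly the fixed release
    ("pstore-b", "4.3.1.0-2600000"),   # same dotted release, older build
    ("pstore-c", "4.10.0.0-3000000"),  # a plain string compare would misorder this
    ("pstore-d", "3.6.1.5-2400000"),   # older major release
    ("pstore-e", "4.3.1"),             # truncated export, cannot be judged
]

if __name__ == "__main__":
    for name, status in audit(SAMPLE_INVENTORY).items():
        print(f"{name}: {status}")
```

Appliances reported as `unknown` should be checked by hand rather than assumed current. PowerEdge BIOS and NVIDIA firmware targets are listed per model in DSA-2026-075 and DSA-2026-119 and are not covered by this check.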
## References
- Dell Security Advisory DSA-2026-115: hxxps[://]www[.]dell[.]com/support/kbdoc/en-ca/000432173/dsa-2026-115-dell-powerstore-t-security-update-for-multiple-vulnerabilities
- Dell Security Advisory DSA-2026-075: hxxps[://]www[.]dell[.]com/support/kbdoc/en-ca/000432584/dsa-2026-075-security-update-for-dell-amd-based-poweredge-server-vulnerability
- Dell Security Advisory DSA-2026-119: hxxps[://]www[.]dell[.]com/support/kbdoc/en-ca/000433020/dsa-2026-119-security-update-for-nvidia-bluefield-connectx-and-doca-vulnerabilities
- Dell Security Portal: hxxps[://]www[.]dell[.]com/support/security/en-ca