Full Report
Dell security advisory (AV26-238)
Analysis Summary
# Vulnerability: Multiple Vulnerabilities in Dell Data Storage, Networking, and Gateway Products (AV26-238)
## CVE Details
*Note: The primary source (CCCS) references multiple underlying Dell advisories published between March 9–15, 2026. Specific CVE IDs are tracked under the respective Dell product links.*
- **CVE ID:** Multiple (refer to Dell Security Portal)
- **CVSS Score:** Variable (High to Critical typical for these product lines)
- **CWE:** Varies by product (likely includes Improper Input Validation and Authentication Bypass)
## Affected Systems
- **Products:**
- Dell Avamar Data Store Gen5A
- Dell Connectrix B-Series FOS and SANnav
- Dell PowerSwitch (E3200-ON and Z9664F-ON)
- Secure Connect Gateway (Appliance and Application)
- **Versions:**
- Avamar: Prior to 2.25.0 and 24.0.0
- Connectrix B-Series SANnav: Prior to 2.4.0a and 3.0.0
- PowerSwitch E3200-ON: Prior to 3.57.5.1-6
- PowerSwitch Z9664F-ON: Prior to 3.54.5.1-11
- Secure Connect Gateway: v5.28.00.00 through v5.32.00.00
- **Configurations:** Default installations and specific Enterprise networking configurations.
## Vulnerability Description
While the CCCS advisory acts as a rollup bulletin, these vulnerabilities typically involve security flaws in the firmware and management software of Dell’s infrastructure solutions. Historically, these impacts include remote code execution (RCE) via management interfaces, privilege escalation in OS/FOS, and improper handling of authentication tokens in Gateway applications.
## Exploitation
- **Status:** See Dell advisory for specific 0-day status; generally "Not exploited" at time of release unless specified.
- **Complexity:** Medium
- **Attack Vector:** Network / Adjacent (primarily management plane)
## Impact
- **Confidentiality:** High
- **Integrity:** High
- **Availability:** High
## Remediation
### Patches
Dell recommends updating to the following versions or later:
- **Avamar Data Store:** 2.25.0 or 24.0.0
- **Connectrix B-Series SANnav:** 2.4.0a or 3.0.0
- **PowerSwitch E3200-ON:** 3.57.5.1-6
- **PowerSwitch Z9664F-ON:** 3.54.5.1-11
- **Secure Connect Gateway:** Upgrade to v5.34.00.00 (or latest available)
### Workarounds
- Restrict access to management interfaces (ports 443, 22, etc.) to trusted administrative subnets only.
- Implement multi-factor authentication where supported by the SANnav and SCG applications.
## Detection
- **Indicators of Compromise:** Monitor for unauthorized login attempts to PowerSwitch consoles or unusual API calls to the Secure Connect Gateway.
- **Detection methods and tools:** Utilize Dell OpenManage or SupportAssist for automated vulnerability scanning of the hardware environment.
## References
- [Canadian Centre for Cyber Security - AV26-238] hxxps[://]www[.]cyber[.]gc[.]ca/en/alerts-advisories/dell-security-advisory-av26-238
- [Dell Security Advisories and Notices] hxxps[://]www[.]dell[.]com/support/security/en-ca