Dell security advisory (AV26-504)
Analysis Summary
# Vulnerability: Multiple Vulnerabilities in Dell Networking and Container Storage Products
## CVE Details
*Note: The advisory AV26-504 references multiple underlying CVEs summarized across three primary Dell Security Advisories (DSAs).*
- **CVE ID:** CVE-2026-30232 (Hard-coded Credentials), CVE-2026-29173, CVE-2026-29174, CVE-2026-30225
- **CVSS Score:** Up to 9.8 (Critical)
- **CWE:** CWE-798 (Use of Hard-coded Credentials), CWE-306 (Missing Authentication), CWE-20 (Improper Input Validation)
## Affected Systems
- **Products:**
  - Dell Networking OS10
  - SmartFabric Storage Software (SFSS)
  - Dell Container Storage Modules (CSM)
- **Versions:**
  - OS10: Prior to 10.5.6.13
  - SFSS: Prior to 1.4.5
  - CSM (Observability/Replication): 1.6.0 to 1.16.3
  - CSM (Authorization): 1.11.0 to 1.16.3
- **Configurations:** Systems utilizing default installations or specific modules (CSM Authorization/Observability).
## Vulnerability Description
These advisories address several security flaws:
1. **Hard-coded Credentials (CSM):** Dell Container Storage Modules contain hard-coded credentials that could allow an unauthenticated remote attacker to gain unauthorized access to the system.
2. **Improper Input Validation (OS10/SFSS):** Vulnerabilities in the networking stack could lead to Denial of Service (DoS) or potential remote code execution.
3. **Missing Authentication (SFSS):** Specific endpoints in the SmartFabric Storage Software do not properly require authentication before granting access to sensitive management functions.
## Exploitation
- **Status:** Not exploited in the wild (based on current reporting)
- **Complexity:** Low to Medium
- **Attack Vector:** Network
## Impact
- **Confidentiality:** High (Full access via hard-coded credentials/bypass)
- **Integrity:** High (Modification of system settings)
- **Availability:** High (Critical service disruption/DoS)
## Remediation
### Patches
Dell recommends upgrading to the following versions immediately:
- **Dell Networking OS10:** Version 10.5.6.13 or later.
- **SmartFabric Storage Software:** Version 1.4.5 or later.
- **Dell Container Storage Modules:** Apply the latest security patches specific to the module version (refer to DSA-2026-234).
### Workarounds
- **Network Segmentation:** Isolate management interfaces for OS10 and SFSS from general internet traffic.
- **Access Control Lists (ACLs):** Restrict access to affected ports/services to trusted administrative IPs only.
## Detection
- **Indicators of compromise:** Monitor for unauthorized login attempts using default or static service account names. Scan for unexpected traffic on management ports associated with SmartFabric.
- **Detection methods and tools:** Use vulnerability scanners to identify management interfaces running vulnerable software versions. Audit container logs for hard-coded credential usage.
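
To support the version audit described above, the following added example (not code from Dell or from the advisory) checks an asset inventory against the version ranges listed under "Affected Systems". The product keys and the `(host, product, version)` inventory format are assumptions made for illustration.

```python
# Added example: flag inventory rows inside the affected ranges above.
# Product keys and the inventory row format are constructed, not Dell identifiers.
import re

def parse_version(text):
    """Turn '10.5.6.13' into (10, 5, 6, 13); reject anything non-numeric."""
    if not re.fullmatch(r"\d+(\.\d+)*", text.strip()):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part) for part in text.strip().split("."))

def _lt(a, b):
    """a < b after zero-padding, so 1.4 and 1.4.0 compare equal."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))

# (low, high, high_inclusive); low None means "any version prior to high".
AFFECTED = {
    "os10": (None, "10.5.6.13", False),
    "sfss": (None, "1.4.5", False),
    "csm-observability": ("1.6.0", "1.16.3", True),
    "csm-replication": ("1.6.0", "1.16.3", True),
    "csm-authorization": ("1.11.0", "1.16.3", True),
}

def is_affected(product, version):
    """Return True/False, or None when the product or version is unknown."""
    rule = AFFECTED.get(product.lower())
    if rule is None:
        return None
    try:
        v = parse_version(version)
    except ValueError:
        return None
    low, high, inclusive = rule
    if low is not None and _lt(v, parse_version(low)):
        return False
    h = parse_version(high)
    return not _lt(h, v) if inclusive else _lt(v, h)

def triage(inventory):
    """Split (host, product, version) rows into affected / needs-review."""
    affected, review = [], []
    for host, product, version in inventory:
        verdict = is_affected(product, version)
        if verdict is None:
            review.append(host)
        elif verdict:
            affected.append(host)
    return affected, review
```

Rows with an unrecognized product or a version string that does not parse as dotted integers land in the review list instead of being treated as unaffected.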
## References
- Dell Security Advisory DSA-2026-161: hxxps[://]www[.]dell[.]com/support/kbdoc/en-ca/000466930/dsa-2026-161-security-update-for-dell-networking-os10-vulnerabilities
- Dell Security Advisory DSA-2026-235: hxxps[://]www[.]dell[.]com/support/kbdoc/en-ca/000466942/dsa-2026-235-security-update-for-dell-networking-smartfabric-storage-software-vulnerabilities
- Dell Security Advisory DSA-2026-234: hxxps[://]www[.]dell[.]com/support/kbdoc/en-ca/000467149/dsa-2026-234-security-update-for-dell-container-storage-modules-hard-coded-credentials-vulnerability
- Canadian Centre for Cyber Security (AV26-504): hxxps[://]www[.]cyber[.]gc[.]ca/en/alerts-advisories/dell-security-advisory-av26-504