Severity
Medium
Analysis Summary
CVE-2024-22461 CVSS:8.8
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS command injection vulnerability. A low-privileged remote attacker could potentially exploit this vulnerability to run any command as root, gaining root-level access and compromising the complete system.
CVE-2024-48007 CVSS:5.3
Dell RecoverPoint for Virtual Machines 6.0.x contains a use of hard-coded credentials vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by gaining access to the source code, easily retrieving these secrets and reusing them to access the system, leading to access to unauthorized data.
CVE-2024-38488 CVSS:6.5
Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A network attacker could potentially exploit this vulnerability to mount a brute-force or dictionary attack against the RecoverPoint login form, leading to complete system compromise. This allows attackers to brute-force the passwords of valid users in an automated manner.
CVE-2024-48008 CVSS:5.3
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS command injection vulnerability. A low-privileged remote attacker could potentially exploit this vulnerability, leading to information disclosure and allowing unintended actions such as reading files that may contain sensitive information.
CVE-2024-47984 CVSS:4.4
Dell RecoverPoint for Virtual Machines 6.0.x contains a denial-of-service vulnerability. A user with remote access could potentially exploit this vulnerability, disrupting most functionality of the RPA in a way that persists after reboot and requires technical support intervention to return the system to a stable state.
CVE-2024-28980 CVSS:6.5
Dell RecoverPoint for VMs version 6.0.x contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability in SSH. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote execution.
Impact
- Denial of Service
- Gain Access
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-22461
- CVE-2024-48007
- CVE-2024-38488
- CVE-2024-48008
- CVE-2024-47984
- CVE-2024-28980
Affected Vendors
Affected Products
- Dell RecoverPoint for Virtual Machines 6.0.x
Remediation
Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.