Rewterz
Rewterz Threat Advisory – Multiple Dell RecoverPoint for Virtual Machines Vulnerabilities
February 20, 2024

Severity

Medium

Analysis Summary

CVE-2024-22425 CVSS:6.5

Dell RecoverPoint for Virtual Machines is vulnerable to a brute force attack because the login service does not properly restrict excessive authentication attempts. By using brute force techniques, a remote attacker could exploit this vulnerability to take over the administrator account.

CVE-2024-22426 CVSS:7.2

Dell RecoverPoint for Virtual Machines contains a command injection vulnerability that could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands as root on the system.

Impact

  • Gain Access

Indicators Of Compromise

CVE

  • CVE-2024-22425
  • CVE-2024-22426

Affected Vendors

Dell

Affected Products

  • Dell EMC RecoverPoint for Virtual Machines 5.3

Remediation

Refer to the Dell Security Advisory for patch, upgrade, or suggested workaround information.

Dell Security Advisory