July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
New WikiLoader Malware Attack Leverages Fake GlobalProtect VPN Software – Active IOCs
September 4, 2024CVE-2024-38811 – VMware Fusion Vulnerability
September 4, 2024New WikiLoader Malware Attack Leverages Fake GlobalProtect VPN Software – Active IOCs
September 4, 2024CVE-2024-38811 – VMware Fusion Vulnerability
September 4, 2024
Severity
Medium
Analysis Summary
CVE-2024-39579 CVSS:6.7
Dell PowerScale OneFS could allow a local authenticated attacker to gain elevated privileges on the system, caused by incorrect privilege assignment vulnerability. An authenticated attacker could exploit this vulnerability to gain root-level access.
CVE-2024-39578 CVSS:6.3
Dell PowerScale OneFS could allow a local attacker to launch a symlink attack due to creating temporary files insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system, leading to denial of service, information tampering.
Impact
- Gain Access
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-39579
- CVE-2024-39578
Affected Vendors
Dell
Affected Products
- Dell PowerScale OneFS - 9.8.0.1
- Dell PowerScale OneFS - 8.2.2.x
Remediation
Refer to Dell Security Advisory or patch, upgrade or suggested workaround information.