Severity
High
Analysis Summary
CVE-2024-39577 CVSS:7.1
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability leading to code execution.
CVE-2024-37125 CVSS:7.5
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability leading to a denial of service.
Impact
- Denial of Service
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-39577
- CVE-2024-37125
Affected Vendors
Affected Products
- Dell SmartFabric OS10 Software
  - 10.5.6.x
  - 10.5.5.x
  - 10.5.4.x
  - 10.5.3.x
Remediation
Refer to the Dell Security Advisory for patch, upgrade, or suggested workaround information.