Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:HDell Powerstore 1000t
HWDellwszystkie wersjeDell Powerstore 1200t
HWDellwszystkie wersjeDell Powerstore 3000t
HWDellwszystkie wersjeDell Powerstore 3200t
HWDellwszystkie wersjeDell Powerstore 5000t
HWDellwszystkie wersjeDell Powerstore 500t
HWDellwszystkie wersjeDell Powerstore 5200t
HWDellwszystkie wersjeDell Powerstore 7000t
HWDellwszystkie wersjeDell Powerstore 9000t
HWDellwszystkie wersjeDell Powerstore 9200t
HWDellwszystkie wersjeDell Powerstoret Os
OSDell< 3.5.0.0-2050321
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
Related vulnerabilities
CVE-2024-51532HIGH7.1ten sam produkt
Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')...
CVE-2026-28265MEDIUM4.4ten sam produkt
PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local ...
CVE-2025-36572MEDIUM6.5ten sam produkt
Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in the PowerSto...
CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam vendor
Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)
CVE-2026-41120CRITICAL9.8PL ✓ten sam vendor
RCE w Dell Wyse Management Suite — akceptacja niezaufanych danych