Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below contains an improper input validation vulnerability. A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. This is a Critical vulnerability affecting certain protocols, Dell recommends customers to upgrade at the earliest opportunity.
The vulnerability results from insufficient input validation in specific protocols supported by Enterprise SONiC. A remote attacker, without any authentication, can deliver properly crafted input data and exploit this gap to obtain top-level administrative privileges. The title of Dell's security bulletin indicates a connection to command injection vulnerability in the context of remote user authentication.
An attacker can obtain full administrative privileges on a vulnerable network switch without needing any credentials, which may result in complete device takeover, modification of network configuration, and breach of confidentiality, integrity and availability of infrastructure.
Dell recommends urgent update of Enterprise SONiC software to versions newer than 4.1.0, 4.0.5 or 3.5.4. Detailed information about available patches is available in Dell security bulletin DSA-2023-284 at: https://www.dell.com/support/kbdoc/en-us/000216586/
Dell Networking Switches with Dell Enterprise SONiC software in versions 4.1.0, 4.0.5, 3.5.4 and lower.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDell Enterprise Sonic Distribution
OSDell4.1.03.5.0 – 3.5.5 (bez)4.0.0 – 4.0.6 (bez)
Related vulnerabilities
OS Command Injection w Dell Enterprise SONiC OS 4.1.x i 4.2.x
Dell Enterprise SONiC OS — pominięcie krytycznego kroku uwierzytelnienia
OS Command Injection w Dell Enterprise SONiC OS (wersje 4.1.x, 4.2.x)
Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Inser...
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerab...