CVE-2022-26852 Dell PowerScale OneFS versions 8.2.x-9.3.x have a predictable seed in the pseudo-random number generator.

A user with DCOM privileges could remotely access and take control of an affected system. Dell software products are affected by the issue. Dell PowerVault MD and Dell EMC ScaleIO are vulnerable. Dell EMC InformaLink (formerly Vantiv) Connect, Dell EMC Insight (formerly TCC) and Dell EMC Remote Agent are also vulnerable. Dell EMC vNX and Dell EMC vRanger are potentially vulnerable as well. Dell PowerVault MD and Dell EMC ScaleIO are vulnerable. Dell EMC InformaLink (formerly Vantiv) Connect, Dell EMC Insight (formerly TCC) and Dell EMC Remote Agent are also vulnerable. Dell EMC vNX and Dell EMC vRanger are potentially vulnerable as well. Dell PowerVault MD and Dell EMC ScaleIO are vulnerable. Dell EMC InformaLink (formerly Vantiv) Connect, Dell EMC Insight (formerly TCC) and Dell EMC Remote Agent are also vulnerable. Dell EMC vNX and Dell EMC vRanger are potentially vulnerable as well. Dell PowerVault MD and Dell EMC ScaleIO are vulnerable. Dell EMC InformaLink (formerly Vantiv) Connect, Dell EMC Insight (formerly TCC) and Dell EMC Remote Agent are also vulnerable. Dell EMC vNX and Dell EMC vRanger are potentially vulnerable as well. Dell PowerVault MD and Dell EMC Scale

Products Affected by Vulnerability

Dell PowerVault MD and Dell EMC ScaleIO are vulnerable. Dell EMC InformaLink (formerly Vantiv) Connect, Dell EMC Insight (formerly TCC) and Dell EMC Remote Agent are also vulnerable. Dell EMC vNX and Dell EMC vRanger are potentially vulnerable as well. Dell PowerVault MD and Dell EMC ScaleIO are vulnerable. Dell EMC InformaLink (formerly Vantiv) Connect, Dell EMC Insight (formerly TCC) and Dell EMC Remote Agent are also vulnerable. Dell EMC vNX and Dell EMC vRanger are potentially vulnerable as well.

Dell EMC Software Products Affected by the CVE-2022 Vulnerability

The vulnerability is related to how the DCOM object handles objects passed down from parent process. If a user with DCOM privileges were able to access and take control of an affected system, Dell EMC software would be vulnerable to code execution by that user. Dell PowerVault MD and Dell EMC ScaleIO are vulnerable. Dell EMC InformaLink (formerly Vantiv) Connect, Dell EMC Insight (formerly TCC) and Dell EMC Remote Agent are also vulnerable. Dell EMC vNX and Dell EMC vRanger are potentially vulnerable as well.

Overview

A user with DCOM privileges could remotely access and take control of an affected system. Dell software products are affected by the issue. Dell PowerVault MD and Dell EMC ScaleIO are vulnerable. Dell EMC InformaLink (formerly Vantiv) Connect, Dell EMC Insight (formerly TCC) and Dell EMC Remote Agent are also vulnerable. Dell EMC vNX and Dell EMC vRanger are potentially vulnerable as well.
The vulnerability is present on many different Windows OS versions, including Windows 10 and Windows 8.1

Installing and updating firmware and software

It is recommended that the firmware and software of the systems be updated to address these vulnerabilities.
Dell EMC InformaLink (formerly Vantiv) Connect, Dell EMC Insight (formerly TCC) and Dell EMC Remote Agent are also vulnerable. Dell EMC vNX and Dell EMC vRanger are potentially vulnerable as well.

Timeline

Published on: 04/08/2022 20:15:00 UTC
Last modified on: 04/14/2022 18:59:00 UTC

References

• https://www.dell.com/support/kbdoc/en-us/000197991/dell-emc-powerscale-onefs-security-update-for-multiple-component-vulnerabilities
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26852