CVE-2024-25964 – Dell PowerScale OneFS versions 9.5.0.x through ... (How to Fix)

Q: What is the severity of CVE-2024-25964?

CVE-2024-25964 has a CVSS score of 5.3 (MEDIUM). Dell PowerScale OneFS versions 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability that allows remote unauthenticated attackers to potentially cause denial of service. This affects Dell PowerScale storage systems running vulnerable OneFS versions. Attackers can exploit timing differences in system responses to disrupt services.

📋 TL;DR

Dell PowerScale OneFS versions 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability that allows remote unauthenticated attackers to potentially cause denial of service. This affects Dell PowerScale storage systems running vulnerable OneFS versions. Attackers can exploit timing differences in system responses to disrupt services.

💻 Affected Systems

Products:

Dell PowerScale OneFS

Versions: 9.5.0.x through 9.7.0.x

Operating Systems: OneFS (PowerScale proprietary OS)

Default Config Vulnerable: ⚠️ Yes

Notes: All PowerScale systems running affected OneFS versions are vulnerable by default.

📦 What is this software?

Powerscale Onefs by Dell

View all CVEs affecting Powerscale Onefs →

Powerscale Onefs by Dell

View all CVEs affecting Powerscale Onefs →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system unavailability or service disruption affecting all storage operations on the PowerScale cluster.

🟠

Likely Case

Degraded performance or intermittent service interruptions affecting storage accessibility.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring in place.

🌐 Internet-Facing: MEDIUM - Remote unauthenticated exploitation possible but requires specific timing analysis.

🏢 Internal Only: MEDIUM - Internal attackers could exploit if network access is available.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires understanding of timing channel attacks and network access to PowerScale management interfaces.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply updates per Dell Security Advisory DSA-2024-062

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities

Restart Required: Yes

Instructions:

1. Review Dell Security Advisory DSA-2024-062. 2. Download appropriate OneFS update from Dell Support. 3. Apply update following Dell PowerScale update procedures. 4. Reboot cluster as required by update process.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to PowerScale management interfaces to trusted networks only.

Access Control Lists

all

Implement strict firewall rules to limit connections to PowerScale cluster.

🧯 If You Can't Patch

Implement strict network segmentation to isolate PowerScale clusters from untrusted networks.
Monitor network traffic to PowerScale interfaces for unusual timing patterns or DoS attempts.

🔍 How to Verify

Check if Vulnerable:

Check OneFS version via SSH: 'isi version' or through PowerScale web interface.

Check Version:

isi version

Verify Fix Applied:

Verify updated version after patch: 'isi version' should show version above affected range.

📡 Detection & Monitoring

Log Indicators:

Unusual timing patterns in system logs
Multiple failed connection attempts
Performance degradation alerts

Network Indicators:

Unusual timing patterns in network traffic to PowerScale interfaces
High volume of small packets targeting management ports

SIEM Query:

source="powerscale" AND (event_type="performance_degradation" OR connection_attempts > threshold)

📊 Metadata

CVE ID: CVE-2024-25964

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE: CWE-385

Published: March 25, 2024

Last Updated: February 20, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-25964, you might also want to check these: