CVE-2024-47476 – Dell NetWorker Management Console versions 19.1... (How to Fix)

Q: What is the severity of CVE-2024-47476?

CVE-2024-47476 has a CVSS score of 7.8 (HIGH). Dell NetWorker Management Console versions 19.11 contain an improper cryptographic signature verification vulnerability. An unauthenticated attacker with local access could execute arbitrary code on affected systems. This affects organizations using Dell NetWorker for backup management.

📋 TL;DR

Dell NetWorker Management Console versions 19.11 contain an improper cryptographic signature verification vulnerability. An unauthenticated attacker with local access could execute arbitrary code on affected systems. This affects organizations using Dell NetWorker for backup management.

💻 Affected Systems

Products:

Dell NetWorker Management Console

Versions: 19.11

Operating Systems: All supported platforms for Dell NetWorker

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems where Dell NetWorker Management Console is installed and running.

📦 What is this software?

Networker Management Console by Dell

View all CVEs affecting Networker Management Console →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with attacker gaining administrative privileges, data exfiltration, and lateral movement across the network.

🟠

Likely Case

Local privilege escalation leading to unauthorized access to backup data and management functions.

🟢

If Mitigated

Limited impact due to network segmentation and restricted local access controls.

🌐 Internet-Facing: LOW - Requires local access, not remotely exploitable over network.

🏢 Internal Only: HIGH - Local attackers or compromised internal systems could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access to the system, which reduces widespread exploitation risk but increases insider threat potential.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply updates per Dell advisory DSA-2024-477

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000255884/dsa-2024-477-security-update-for-dell-networker-runtime-environment-nre-multiple-component-vulnerabilities

Restart Required: No

Instructions:

1. Review Dell advisory DSA-2024-477. 2. Download appropriate patches from Dell Support. 3. Apply patches to affected NetWorker Management Console installations. 4. Verify successful installation.

🔧 Temporary Workarounds

Restrict Local Access

all

Limit physical and remote local access to NetWorker Management Console systems to authorized personnel only.

🧯 If You Can't Patch

Implement strict access controls to limit who can access NetWorker Management Console systems locally.
Monitor system logs for suspicious local authentication attempts or privilege escalation activities.

🔍 How to Verify

Check if Vulnerable:

Check NetWorker Management Console version via 'nsr -v' command or through console interface.

Check Version:

nsr -v

Verify Fix Applied:

Verify version is updated beyond vulnerable 19.11 release and check for successful patch installation logs.

📡 Detection & Monitoring

Log Indicators:

Unexpected local authentication attempts
Unusual process execution from NetWorker directories
Failed cryptographic verification logs

Network Indicators:

Unusual local network traffic from NetWorker systems

SIEM Query:

source="NetWorker" AND (event_type="authentication" OR event_type="process_execution") AND result="failure"

📊 Metadata

CVE ID: CVE-2024-47476

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-347

Published: December 3, 2024

Last Updated: February 3, 2025

🔗 References

https://www.dell.com/support/kbdoc/en-us/000255884/dsa-2024-477-security-update-for-dell-networker-runtime-environment-nre-multiple-component-vulnerabilities Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-47476, you might also want to check these: