Login Sign Up

CVE-2024-49560

7.8 HIGH
Remote Code Execution

📋 TL;DR

Dell SmartFabric OS10 Software contains a command injection vulnerability that allows low-privileged attackers with local access to execute arbitrary commands on the system. This affects versions 10.5.3.x through 10.5.6.x of the network operating system. Attackers could potentially gain elevated privileges or compromise the network infrastructure.

💻 Affected Systems

Products:
  • Dell SmartFabric OS10 Software
Versions: 10.5.3.x, 10.5.4.x, 10.5.5.x, 10.5.6.x
Operating Systems: Dell OS10
Default Config Vulnerable: ⚠️ Yes
Notes: All configurations running affected versions are vulnerable. Requires local access to the device.

📦 What is this software?

Smartfabric Os10 by Dell

View all CVEs affecting Smartfabric Os10 →

Smartfabric Os10 by Dell

View all CVEs affecting Smartfabric Os10 →

Smartfabric Os10 by Dell

View all CVEs affecting Smartfabric Os10 →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise leading to network infrastructure takeover, data exfiltration, or lateral movement to other systems.

🟠

Likely Case

Privilege escalation to administrative access, configuration changes, or installation of persistent backdoors.

🟢

If Mitigated

Limited impact due to network segmentation and strict access controls preventing local attacker access.

🌐 Internet-Facing: LOW - Requires local access to exploit, not directly internet-facing.
🏢 Internal Only: HIGH - Internal attackers with low privileges can exploit this to gain full control of network devices.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires low-privileged local access. Command injection vulnerabilities are typically straightforward to exploit once the injection point is identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to version 10.5.6.1 or later as specified in DSA-2024-425

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000247217/dsa-2024-425-security-update-for-dell-networking-os10-vulnerabilities

Restart Required: Yes

Instructions:

1. Download the updated OS10 software from Dell Support. 2. Backup current configuration. 3. Apply the update following Dell's upgrade procedures. 4. Reboot the device. 5. Verify the new version is running.

🔧 Temporary Workarounds

Restrict Local Access

all

Limit physical and logical access to affected devices to only authorized administrators.

Network Segmentation

all

Isolate management interfaces from general user networks.

🧯 If You Can't Patch

  • Implement strict access controls to prevent unauthorized local access to devices
  • Monitor for suspicious command execution and privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check OS10 version with 'show version' command. If version is 10.5.3.x, 10.5.4.x, 10.5.5.x, or 10.5.6.x, the system is vulnerable.

Check Version:

show version

Verify Fix Applied:

After patching, run 'show version' to confirm version is 10.5.6.1 or later.

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution patterns
  • Privilege escalation attempts
  • Unexpected configuration changes

Network Indicators:

  • Unusual management traffic patterns
  • Unexpected outbound connections from network devices

SIEM Query:

Search for 'command injection' or 'privilege escalation' events on Dell OS10 devices, particularly from low-privileged accounts.

📊 Metadata

CVE ID: CVE-2024-49560
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-77
Published: November 12, 2024
Last Updated: November 15, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-49560, you might also want to check these:

CVE-2024-48841 10.0

This critical vulnerability in FLXEON software allows remote attackers to execute arbitrary code wit...

Same vulnerability type (CWE-77)
CVE-2025-59818 10.0

This vulnerability allows authenticated attackers to execute arbitrary system commands by manipulati...

Same vulnerability type (CWE-77)
CVE-2024-28354 10.0

This is a critical command injection vulnerability in TRENDnet TEW-827DRU routers that allows remote...

Same vulnerability type (CWE-77)