CVE-2024-53298 – Dell PowerScale OneFS versions 9.5.0.0 through ... (How to Fix)

Q: What is the severity of CVE-2024-53298?

CVE-2024-53298 has a CVSS score of 9.8 (CRITICAL). Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 have a critical missing authorization vulnerability in NFS export. Unauthenticated remote attackers can potentially read, modify, and delete arbitrary files, leading to full system compromise. All organizations running affected versions are at risk.

📋 TL;DR

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 have a critical missing authorization vulnerability in NFS export. Unauthenticated remote attackers can potentially read, modify, and delete arbitrary files, leading to full system compromise. All organizations running affected versions are at risk.

💻 Affected Systems

Products:

Dell PowerScale OneFS

Versions: 9.5.0.0 through 9.10.0.1

Operating Systems: OneFS

Default Config Vulnerable: ⚠️ Yes

Notes: All NFS exports on affected versions are vulnerable unless specifically patched.

📦 What is this software?

Powerscale Onefs by Dell

View all CVEs affecting Powerscale Onefs →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system takeover with unauthorized access to all files, potential data destruction, and lateral movement to other systems.

🟠

Likely Case

Unauthorized access to sensitive files, data exfiltration, and potential ransomware deployment.

🟢

If Mitigated

Limited impact if network segmentation isolates NFS services and access controls are properly configured.

🌐 Internet-Facing: HIGH

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Vulnerability allows unauthenticated access, making exploitation straightforward for attackers with network access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.10.0.2 or later

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000326339/dsa-2025-208-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities

Restart Required: Yes

Instructions:

1. Backup all critical data. 2. Download the latest OneFS patch from Dell Support. 3. Apply the patch following Dell's upgrade procedures. 4. Restart the system as required. 5. Verify the patch is applied successfully.

🔧 Temporary Workarounds

Disable NFS Exports

linux

Temporarily disable all NFS exports to prevent exploitation.

isi nfs exports delete --all

Restrict NFS Network Access

linux

Use firewall rules to restrict NFS access to trusted IPs only.

iptables -A INPUT -p tcp --dport 2049 -s TRUSTED_IP -j ACCEPT
iptables -A INPUT -p tcp --dport 2049 -j DROP

🧯 If You Can't Patch

Implement strict network segmentation to isolate NFS services from untrusted networks.
Enable detailed logging and monitoring for all NFS access attempts.

🔍 How to Verify

Check if Vulnerable:

Check OneFS version with 'isi version' command. If version is between 9.5.0.0 and 9.10.0.1 inclusive, system is vulnerable.

Check Version:

isi version

Verify Fix Applied:

Run 'isi version' command and verify version is 9.10.0.2 or later.

📡 Detection & Monitoring

Log Indicators:

Unauthorized NFS mount attempts
Unexpected file access patterns from unknown IPs
Failed authentication attempts on NFS exports

Network Indicators:

Unusual NFS traffic from external IPs
Port 2049 scans from unknown sources

SIEM Query:

source="nfs.log" AND (action="mount" OR action="access") AND src_ip NOT IN [trusted_ips]

📊 Metadata

CVE ID: CVE-2024-53298

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-862

EPSS Score: 0.24% exploit probability (46.6th percentile)

Published: June 20, 2025

Last Updated: July 11, 2025

🔗 References

https://www.dell.com/support/kbdoc/en-us/000326339/dsa-2025-208-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-53298, you might also want to check these: