CVE-2025-26481 – Dell PowerScale OneFS versions 9.4.0.0 through ... (How to Fix)

Q: What is the severity of CVE-2025-26481?

CVE-2025-26481 has a CVSS score of 7.5 (HIGH). Dell PowerScale OneFS versions 9.4.0.0 through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote unauthenticated attacker can exploit this to cause denial of service by exhausting system resources. This affects all PowerScale OneFS deployments running vulnerable versions.

📋 TL;DR

Dell PowerScale OneFS versions 9.4.0.0 through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote unauthenticated attacker can exploit this to cause denial of service by exhausting system resources. This affects all PowerScale OneFS deployments running vulnerable versions.

💻 Affected Systems

Products:

Dell PowerScale OneFS

Versions: 9.4.0.0 through 9.9.0.0

Operating Systems: OneFS

Default Config Vulnerable: ⚠️ Yes

Notes: All configurations of affected versions are vulnerable. No special configuration required for exploitation.

📦 What is this software?

Powerscale Onefs by Dell

View all CVEs affecting Powerscale Onefs →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system unavailability affecting all storage services, potentially causing business disruption and data access loss.

🟠

Likely Case

Degraded performance or temporary service interruption affecting specific storage nodes or services.

🟢

If Mitigated

Limited impact with proper network segmentation and resource monitoring in place.

🌐 Internet-Facing: HIGH - Remote unauthenticated exploitation allows attackers from anywhere to trigger DoS.

🏢 Internal Only: HIGH - Even internal attackers without credentials can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

CWE-400 vulnerabilities typically involve simple resource exhaustion attacks that don't require complex exploitation techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 9.9.0.0 (check Dell advisory for specific patched versions)

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities

Restart Required: Yes

Instructions:

1. Review Dell advisory DSA-2024-453. 2. Download appropriate OneFS update from Dell support. 3. Apply update following Dell's upgrade procedures. 4. Reboot affected nodes as required.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to PowerScale management interfaces to trusted networks only.

Resource Monitoring

all

Implement monitoring for unusual resource consumption patterns on PowerScale nodes.

🧯 If You Can't Patch

Implement strict network access controls to limit exposure to trusted sources only.
Deploy rate limiting and resource usage monitoring to detect and block exploitation attempts.

🔍 How to Verify

Check if Vulnerable:

Check OneFS version using 'isi version' command and compare against affected range 9.4.0.0-9.9.0.0.

Check Version:

isi version

Verify Fix Applied:

Verify version is updated beyond 9.9.0.0 using 'isi version' and check Dell advisory for specific patched versions.

📡 Detection & Monitoring

Log Indicators:

Unusual resource consumption patterns
Multiple connection attempts from single sources
System performance degradation alerts

Network Indicators:

High volume of requests to PowerScale interfaces
Traffic patterns indicating resource exhaustion attempts

SIEM Query:

source="powerscale" AND (resource_usage>threshold OR connection_rate>normal)

📊 Metadata

CVE ID: CVE-2025-26481

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-400

EPSS Score: 0.11% exploit probability (29.5th percentile)

Published: May 15, 2025

Last Updated: July 11, 2025

🔗 References

https://www.dell.com/support/kbdoc/en-us/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-26481, you might also want to check these: