CVE-2026-22280

5.0 MEDIUM

📋 TL;DR

Dell PowerScale OneFS contains an incorrect permission assignment vulnerability. A low-privileged attacker with local access to a node could exploit it to cause a denial of service. Multiple OneFS release branches are affected (see the version ranges below). The reported impact is availability: on a storage platform, disruption of a node is felt by every client that depends on the data it serves.

💻 Affected Systems

Products:
  • Dell PowerScale OneFS
Versions: 9.5.0.0 through 9.5.1.5, 9.6.0.0 through 9.7.1.10, 9.8.0.0 through 9.10.1.3, 9.11.0.0 through 9.12.x
Operating Systems: OneFS (Dell's proprietary storage OS)
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected versions are vulnerable. Requires local access to the OneFS system.

📦 What is this software?

Dell PowerScale OneFS is the operating system of Dell PowerScale (formerly Isilon) scale-out NAS clusters. It presents one clustered file system (/ifs) to clients over NFS, SMB, HDFS and S3, and is administered through the isi command-line interface, the WebUI and the PAPI REST API. Local access in this advisory means a shell or console session on a cluster node, not client access to a share or export.

⚠️ Risk & Real-World Impact

🔴

Worst Case

A low-privileged local attacker abuses the misassigned permissions to disrupt critical storage services, causing extended downtime and data unavailability for every client of the affected cluster.

🟠

Likely Case

Malicious insider or compromised low-privileged account causes temporary service disruption on affected storage nodes.

🟢

If Mitigated

With proper access controls and monitoring, impact is limited to isolated nodes with quick detection and remediation.

🌐 Internet-Facing: LOW - Requires local access to the OneFS system, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Internal attackers with local access can exploit, but requires existing access to storage infrastructure.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and low-privileged credentials. No public exploit code available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to OneFS 9.5.1.6+, 9.7.1.11+, 9.10.1.4+, or 9.13.0.0+ as appropriate for your version

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000415586/dsa-2026-049-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities

Restart Required: Yes

Instructions:

1. Review Dell advisory DSA-2026-049 and confirm which fixed release applies to your branch. Note that some branches have no fix of their own: 9.6.x clusters must move to 9.7.1.11 or later, 9.8.x and 9.9.x to 9.10.1.4 or later, and 9.11.x and 9.12.x to 9.13.0.0 or later.
2. Identify the current OneFS version with isi version on every node.
3. Download the appropriate release from Dell Support.
4. Apply it following Dell's OneFS upgrade procedure.
5. Reboot nodes as the upgrade requires.

🔧 Temporary Workarounds

Restrict Local Access

Limit local console and SSH access to trusted administrators only, and keep privileged RBAC roles small. OneFS manages its own SSH daemon configuration, so review and change SSH settings through the isi ssh interface rather than hand-editing /etc/ssh/sshd_config.

# Audit who holds administrative roles; remove anyone who does not need them
isi auth roles members list SystemAdmin
# Inspect SSH settings through OneFS rather than editing /etc/ssh/sshd_config by hand
isi ssh settings view

Enhanced Monitoring

Monitor for privilege and role changes and unusual local activity. OneFS configuration auditing records administrative changes made through the CLI, WebUI and PAPI; enable it and forward the audit trail to your SIEM.

# Enable configuration auditing so role and permission changes are logged
isi audit settings global modify --config-auditing-enabled=yes
# Confirm the setting; review the config audit trail and ship it to your SIEM
isi audit settings global view

🧯 If You Can't Patch

  • Implement strict access controls to limit who has local access to PowerScale systems
  • Enable comprehensive logging and monitoring for privilege escalation attempts and unusual local activity

🔍 How to Verify

Check if Vulnerable:

Run 'isi version' to check current OneFS version and compare against affected ranges

Check Version:

isi version

Verify Fix Applied:

After patching, run 'isi version' to confirm version is updated to patched release
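The version comparison above is easy to get wrong by eye because the affected ranges span several branches and some branches (9.6.x, 9.8.x/9.9.x, 9.11.x/9.12.x) have no fixed release of their own. The script below is an added example, not part of the Dell advisory or of OneFS. It parses the version out of isi version output and classifies it against the ranges listed on this page, naming the fixed release for that branch. It assumes that isi version output contains a token of the form "OneFS v9.x.y.z" (as current releases print) and that no version component reaches 1000; the sample banner in the fallback branch is constructed, not captured from a real cluster.

```shell
#!/bin/sh
# Added example (not from Dell or DSA-2026-049): classify an OneFS version against
# the affected ranges listed above and name the fixed release for that branch.
# Assumptions: 'isi version' output contains "OneFS v9.x.y.z"; components stay below 1000.

# Turn "a.b.c.d" into one comparable integer. Missing or non-numeric parts count as 0,
# so "9.12.x" compares like 9.12.0.0.
ver_key() {
  printf '%s\n' "$1" | awk -F. '{ printf "%.0f\n", $1*1000000000 + $2*1000000 + $3*1000 + $4 }'
}

# Return the dotted version embedded in 'isi version' output, e.g. "9.10.1.3".
extract_onefs_version() {
  printf '%s\n' "$1" | sed -n 's/.*OneFS v\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Print one line: whether the version falls in a DSA-2026-049 affected range and the
# release to move to. Branch gaps matter: 9.6.x has no fix of its own and must go to
# 9.7.1.11; 9.8.x/9.9.x to 9.10.1.4; 9.11.x/9.12.x to 9.13.0.0.
classify_onefs_version() {
  k=$(ver_key "$1")
  if   [ "$k" -ge "$(ver_key 9.5.0.0)" ]  && [ "$k" -le "$(ver_key 9.5.1.5)" ];  then
    echo "AFFECTED (9.5 branch): upgrade to 9.5.1.6 or later"
  elif [ "$k" -ge "$(ver_key 9.6.0.0)" ]  && [ "$k" -le "$(ver_key 9.7.1.10)" ]; then
    echo "AFFECTED (9.6-9.7 branches): upgrade to 9.7.1.11 or later"
  elif [ "$k" -ge "$(ver_key 9.8.0.0)" ]  && [ "$k" -le "$(ver_key 9.10.1.3)" ]; then
    echo "AFFECTED (9.8-9.10 branches): upgrade to 9.10.1.4 or later"
  elif [ "$k" -ge "$(ver_key 9.11.0.0)" ] && [ "$k" -lt "$(ver_key 9.13.0.0)" ]; then
    echo "AFFECTED (9.11-9.12 branches): upgrade to 9.13.0.0 or later"
  else
    echo "NOT LISTED AS AFFECTED: patched release or outside the ranges in DSA-2026-049"
  fi
}

# Check the node this runs on if it is an OneFS node; otherwise run against a
# constructed sample banner (not captured from a real cluster).
if command -v isi >/dev/null 2>&1; then
  classify_onefs_version "$(extract_onefs_version "$(isi version)")"
else
  sample='Isilon OneFS v9.10.1.3 B_9_10_1_3(RELEASE): 0x90a005001003:sample build string'
  classify_onefs_version "$(extract_onefs_version "$sample")"
fi
```

isi version reports the version of the node you are logged in to. During a rolling upgrade nodes run mixed versions, so run the check on every node (for example by wrapping isi version in isi_for_array) rather than trusting a single node's answer, and treat the cluster as unpatched until every node classifies as not affected.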

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts
  • Failed access attempts to restricted resources
  • Unexpected process execution with elevated privileges

Network Indicators:

  • Multiple failed SSH/local login attempts from same source
  • Unusual outbound connections from storage nodes

SIEM Query (illustrative only; OneFS does not emit these field names natively, so map source and event_type to the fields your collector assigns to OneFS config-audit and authentication events):

source="powerscale" AND (event_type="privilege_escalation" OR event_type="access_violation")
