Initiativen für
Als nationale Behörde für Cybersicherheit hat das ZCB mehrere Initiativen für bestimmte Zielgruppen entwickelt, die hier vorgestellt werden.
Reference:
Advisory #2024-262
Version:
1.0
Affected software:
DELL ENTERPRISE SONIC OS
Type:
OS Command Injection
CVE/CVSS:
CVE-2024-45763: CVSS 9.1(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVE-2024-45764: CVSS 9.0(CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVE-2024-45765: CVSS 9.1(CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
Dell Enterprise SONiC OS is a network operating system widely used in data centers and cloud environments. Its role in managing network infrastructure makes it a valuable target for threat actors seeking to disrupt services or gain unauthorized access.
Exploitation of these vulnerabilities allows attackers to:
CVE-2024-45763 & CVE-2024-45765: Execute arbitrary OS commands remotely, potentially leading to full system compromise.
CVE-2024-45764: Bypass authentication mechanisms, granting unauthorized access to system functionalities.
Given the critical severity, it is imperative to apply the recommended updates provided by Dell to mitigate these risks.
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/en/cert/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.