Double Feature at the Orangerie
Section: Arts
Dell PowerScale OneFS Vulnerability Allows Account Takeover via Default Passwords
Thu 10th Apr, 2025
Recent security findings have revealed vulnerabilities in Dell's NAS operating system, PowerScale OneFS, prompting the company to address multiple security flaws in its current versions. These vulnerabilities could potentially allow attackers to gain unauthorized access to sensitive network storage systems.
Security experts have identified six distinct weaknesses within the PowerScale OneFS framework that could be exploited by malicious actors. The most critical of these vulnerabilities, classified under CVE-2025-27690, arises from the use of a default password, enabling attackers to remotely seize accounts with elevated user privileges without needing any authentication. This severity level suggests that once compromised, devices could be fully taken over by unauthorized users.
In addition to this critical vulnerability, there is another significant flaw labeled as CVE-2025-26330, which has been rated as high severity. This issue allows unauthorized access by local attackers who have not logged in, primarily due to lingering permissions associated with disabled accounts.
The remaining vulnerabilities are categorized as medium and low severity, with some being susceptible to Denial of Service (DoS) attacks. While the specific details regarding the potential exploitation of these weaknesses remain unclear, the risks they pose to data integrity and system functionality are substantial.
Dell's recent advisory did not indicate whether any active attacks exploiting these vulnerabilities have occurred. Additionally, it is uncertain how attackers might identify compromised NAS systems. In response to the identified vulnerabilities, Dell has released patches in the following versions of PowerScale OneFS: 9.4.0.219.5.1.39.7.1.59.7.1.79.8.0.49.9.0.29.10.1.1.
For administrators unable to apply these security updates immediately, Dell has provided workarounds to help secure systems against the critical flaw until proper patches can be implemented. These measures are detailed in the advisory released by Dell.
Why Fashion Is Cyclical: The Eternal Return of Style
Section: Fashion
Why Climbing Shirts Are More Than Just Outdoor Gear
Section: Arts
Key milestones in the technological revolution that improved night vision devices
Section: Business
Ten Years After the OECD's Warning: Bias Against Boys in Schools Still Ignored
Section: News
From Click to Crisis: How Typosquatting Targets German Businesses Online
Section: Business
Bayern Munich 2025/26 Season Preview: Challenges Ahead for Kompany's New-Look Side
Section: Arts
Munich's Start-Up Scene Sees Record Venture Capital Inflows: What's Driving the Boom?
Section: Arts
German Firefighters Join Efforts Against Spain's Major Wildfires
Section: News
The 2025 A-to-Z Guide to American-Made Knife Companies
Section: Arts
German Private Health Insurance
Health Insurance in Germany is compulsory and sometimes complicated, not to mention expensive. As an expat, you are required to navigate this landscape within weeks of arriving, so check our FAQ on PKV. For our guide on resources and access to agents who can give you a competitive quote, try our PKV Cost comparison tool.
Hospital and Clinic Directory
Germany is famous for its medical expertise and extensive number of hospitals and clinics. See this comprehensive directory of hospitals and clinics across the country, complete with links to their websites, addresses, contact info, and specializations/services.
Upcoming Events
HOTEL MATZE ''Live''
After eight years, Matze Hielscher, the host of the Hotel Matze podcast, reflects on an extensive guest list that spans the German media landscape. In over 300 conversations, he has engaged with personalities from journalism, science, politics, philosophy, sports, art, and music. Notable guests have...
No comments yet. Be the first to comment!