CVE-2023-32462 (CVSS 9.8): Patch Dell Switches to Block Takeover

If your data center relies on Dell SmartFabric OS10, a security checkup is non-negotiable. Recently disclosed vulnerabilities (CVE-2023-28078 and CVE-2023-32462) pose a severe threat. They range from sensitive data exposure, and service disruption, all the way to the potential complete takeover of your critical network switches. The delay leaves your company open to unacceptable risks.

CVE-2023-28078 and CVE-2023-32462

Dell SmartFabric OS10 is a network operating system specifically designed for data center fabrics. It’s the software intelligence powering several of Dell’s modern modular and PowerSwitch series network switches.

  • CVE-2023-28078 (CVSS 9.1): If Virtual Link Trunking (VLT) is actively used, this flaw compromises zeroMQ security measures, enabling:
    • Unauthorized information disclosure: Sensitive network communications become accessible to attackers.
    • Potential Denial of Service (DoS): An influx of requests could be used to disrupt your switches.
  • CVE-2023-32462 (CVSS 9.8): This vulnerability is exceptionally severe. Targeting remote user authentication potentially gives attackers elevated privileges to the underlying operating system of a network switch. Exploitation could enable the ability to:
    • Execute arbitrary commands remotely.
    • Modify or wipe configuration files, causing service interruption.
    • Install malware/backdoors within your network.

“A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity,” Dell wrote in its security advisory.

Affected Products and Remediation

CVEs Addressed Product Affected Versions Remediated Versions Link
CVE-2023-28078,
CVE-2023-32462
Dell SmartFabric OS10 10.5.5.0, 10.5.5.3  10.5.5.5  https://www.dell.com/support
CVE-2023-28078,
CVE-2023-32462
Dell SmartFabric OS10 10.5.5.1 (MX),
10.5.5.2 (MX)
10.5.5.4 (MX)  DSA-2023-293: Security Update for Dell Networking MX Series Switches Vulnerabilities
CVE-2023-28078,
CVE-2023-32462
Dell SmartFabric OS10 10.5.4.x 10.5.4.8  https://www.dell.com/support
CVE-2023-28078,
CVE-2023-32462
Dell SmartFabric OS10 10.5.4.6 (MX) 10.5.4.9 (MX)  DSA-2023-293: Security Update for Dell Networking MX Series Switches Vulnerabilities
CVE-2023-28078,
CVE-2023-32462
Dell SmartFabric OS10 10.5.3.x 10.5.3.8  https://www.dell.com/support
CVE-2023-28078,
CVE-2023-32462
Dell SmartFabric OS10 10.5.2.x 10.5.2.12  https://www.dell.com/support

Urgent Recommendations

  1. Prioritize and Patch: Apply available patches from Dell to all exposed components as soon as possible. Thoroughly understand the update process and plan carefully to minimize operational disruption.

  2. Assess VLT Exposure: If possible, review VLT usage on highly sensitive network segments. Until patched, additional measures like strict traffic segmentation and increased VLT access monitoring can mitigate the impact.

  3. Strengthen Authentication: Ensure remote management interfaces for affected switches use the strictest access control methods:

    • Limit remote administrator accounts to the absolute minimum.
    • Enforce complex passwords, and avoid easy-to-guess defaults.
    • Where feasible, deploy multi-factor authentication.