Skip to main content

Dell just patched a nasty bug that might have left your work PC exposed

dell xps 12 review ultrabook carbon fiber lid logo
Image used with permission by copyright holder
Dell recently distributed a hotfix that addresses vulnerabilities found in the Dell SonicWALL Global Management System (GMS) and SonicWALL Analyzer, versions 8.0 and 8.1. Both solutions are typically installed on PCs distributed in corporations and businesses, the former of which is used to manage, report, and monitor SonicWALL appliances like SSL VPNs and firewalls. Analyzer provides web-based network traffic analysis and reporting tools.

“Vulnerabilities were found pertaining to command injection, unauthorized XXE, default account, and unauthorized modification of virtual appliance networking information,” the company states. “To fix these vulnerabilities, Dell highly recommends that existing users of Dell SonicWALL GMS and Analyzer Hotfix 174525.”

Recommended Videos

The vulnerabilities in Dell’s two SonicWALL solutions were uncovered by Digital Defense Incorporated. This company was founded in 1999, and provides managed security assessment solutions for small businesses and Fortune companies alike in over 65 countries. The firm actually discovered up to six vulnerabilities just in Dell’s SonicWALL GMS service alone.

Please enable Javascript to view this content

According to the security firm, the vulnerabilities include unauthenticated remote command execution with root privileges, a hidden default account with an easily guessable password, an unauthenticated XML External Entity (XXE) injection in the GMC service, an unauthenticated XML External Entity (XXE) injection via a crafted AMF message, and unauthenticated network configuration changes via the GMC service.

For instance, if the attacker uses the command injection vulnerability, the crafty individual can gain a reverse root shell on the virtual appliance. This enables the attacker to grab database credentials and change the password, preventing the administrator of the GMS to access the interface and giving the attacker full control over the virtual appliance.

As for the hidden account, this can be used to add non-administrative users through the CLI Client made available to download through the GMS web application. These users can then log onto the web interfaces and change the administrator’s password. Their privileges can thus be elevated by logging out and logging back in as administrator with a new password. That means full control of the GMS interface and all connected SonicWALL appliances.

As for some of the other vulnerabilities, hackers could use XXE injection to retrieve encrypted database credentials and IP addresses, and use a static key to decrypt and change the administrator’s password. XXE injection could also be used to retrieve the current MD5 password hash for the administrator of the virtual appliance. The last several hashed passwords for the administrator can be obtained too.

“Users who are unable to apply patches to the affected systems can attempt to mitigate some of the risk posed by these exploit vectors by limiting access to the network services of their SonicWALL GMS appliances to restricted-access internal network segments or dedicated VLANs,” the firm reports.

Top get the hotfix from Dell, customers can simply download it from here. Just log onto MySonicWALL, click on “Downloads” and then “Download Center” in the navigation panel on the left. After that, choose “GMS / Analyzer – Virtual Appliance” or “GMS / Analyzer – Windows” in the drop down menu labeled “Software Type.” After that, follow the release notes for detailed instructions on how to install the hotfix.

For a detailed accounting of each vulnerability that’s now patched by Dell, check out Digital Defense’s blog right here.

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Turns out, it’s not that hard to do what OpenAI does for less
OpenAI's new typeface OpenAI Sans

Even as OpenAI continues clinging to its assertion that the only path to AGI lies through massive financial and energy expenditures, independent researchers are leveraging open-source technologies to match the performance of its most powerful models -- and do so at a fraction of the price.

Last Friday, a unified team from Stanford University and the University of Washington announced that they had trained a math and coding-focused large language model that performs as well as OpenAI's o1 and DeepSeek's R1 reasoning models. It cost just $50 in cloud compute credits to build. The team reportedly used an off-the-shelf base model, then distilled Google's Gemini 2.0 Flash Thinking Experimental model into it. The process of distilling AIs involves pulling the relevant information to complete a specific task from a larger AI model and transferring it to a smaller one.

Read more
New MediaTek Chromebook benchmark surfaces with impressive speed
Asus Chromebook CX14

Many SoCs are being prepared for upcoming 2025 devices, and a recent benchmark suggests that a MediaTek chipset could make Chromebooks as fast as they have ever been this year.

Referencing the GeekBench benchmark, ChromeUnboxed discovered the latest scores of the MediaTek MT8196 chip, which has been reported on for some time now. With the chip being housed on the motherboard codenamed ‘Navi,’ the benchmark shows the chip excelling in single-core and multi-core benchmarks, as well as in GPU, NPU, and some other tests run.

Read more
Chrome incognito just got even more private with this change
The Chrome browser on the Nothing Phone 2a.

Google Chrome's Incognito mode and InPrivate just became even more private, as they no longer save copied text and media to the clipboard, according to Windows Latest. The changes apply to Windows 11 and 10 users and were rolled out in 2024. However, neither Microsoft nor Google documented it.

Even though this change is not a recent feature, it's odd that neither tech giant thought it was worth mentioning. Previously, the default setting was that when a user saved text or images to the clipboard history, it was synced with Cloud Clipboard on Windows. Moreover, accessing this synced content was as simple as pressing the Windows and V keys, which poses a security risk, especially when using incognito mode.

Read more