Dell Advisories Address Third-Party Component Flaws Across APEX, NetWorker, and Secure Connect Gateway
Dell issued multiple security advisories covering vulnerabilities across a broad set of enterprise products, including APEX Cloud Platform for Red Hat OpenShift, APEX Cloud Platforms Solution Offerings, APEX, Dell Secure Connect Gateway Appliance, Dell Policy Manager for Secure Connect Gateway Appliance, Dell NetWorker, Dell Storage Monitoring and Reporting, Dell Storage Resource Manager, and Dell PowerSwitch Z9664F-ON. The Canadian Centre for Cyber Security said the advisories span both Dell-developed software and bundled third-party components, with specific issues including Apache Tomcat vulnerabilities in NetWorker, rsync vulnerabilities in Dell networking products, and multiple third-party component flaws in Secure Connect Gateway-related offerings.
Affected versions cited in the notices include Dell Policy Manager for Secure Connect Gateway Appliance before 5.32.00.18, Dell Secure Connect Gateway Appliance before 5.34.00.16, Dell NetWorker 19.14 and 19.9 through 19.13.0.2, Dell PowerSwitch Z9664F-ON before 3.54.5.1-11, and Dell Storage Monitoring and Reporting and Storage Resource Manager before 6.0.0.2. The Cyber Centre urged organizations to review Dell’s product-specific advisories and apply the required updates to reduce exposure across infrastructure, storage, networking, and cloud platform environments.
Timeline
Mar 30, 2026
Cyber Centre publishes advisory AV26-295 on latest Dell advisories
On 2026-03-30, the Canadian Centre for Cyber Security published advisory AV26-295 summarizing Dell's advisories issued during the prior week and urging users to review and apply the necessary updates. The notice focused on multiple third-party component vulnerabilities across several Dell enterprise products.
Mar 23, 2026
Dell issues another round of security advisories from March 23 to 29
Between 2026-03-23 and 2026-03-29, Dell published additional advisories for products including APEX Cloud Platform for Red Hat OpenShift, APEX Cloud Platforms Solution Offerings, APEX, Secure Connect Gateway Appliance, Storage Monitoring and Reporting, and Storage Resource Manager. These advisories covered multiple third-party component vulnerabilities and identified affected version ranges such as Secure Connect Gateway Appliance prior to 5.34.00.16 and Storage Monitoring and Reporting and Storage Resource Manager prior to 6.0.0.2.
Mar 23, 2026
Cyber Centre publishes advisory AV26-263 on Dell vulnerabilities
On 2026-03-23, the Canadian Centre for Cyber Security published advisory AV26-263 summarizing Dell's recent advisories and urging administrators to review them and apply updates. The notice highlighted affected versions including Secure Connect Gateway Policy Manager prior to 5.32.00.18, NetWorker 19.14 and 19.9 through 19.13.0.2, and PowerSwitch Z9664F-ON prior to 3.54.5.1-11.
Mar 16, 2026
Dell issues multiple product security advisories from March 16 to 22
Between 2026-03-16 and 2026-03-22, Dell published several security advisories covering vulnerabilities in products including Policy Manager for Secure Connect Gateway Appliance, NetWorker, and PowerSwitch Z9664F-ON. The advisories addressed issues such as Apache Tomcat flaws in NetWorker, rsync vulnerabilities in networking products, and multiple third-party component vulnerabilities.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Organizations
Sources
Related Stories
Dell Issues Security Advisories for PowerEdge, PowerProtect, Connectrix, and Networking Products
Dell released multiple security advisories covering vulnerabilities across a broad set of enterprise infrastructure products, and the Canadian Centre for Cyber Security urged organizations to review the notices and apply updates. The affected technologies span storage, networking, data protection, and server platforms, including **Connectrix Switches and Directors**, **AMD-based PowerEdge Servers**, **Dell Command | Update** versions prior to `5.7.0`, **PowerProtect Data Domain**, and **Dell Storage Manager - Replay Manager for Microsoft Servers** versions prior to `8.0.3`. Additional advisories also affected **Data Protection Advisor**, **Dell EMC Isilon OneFS**, **Dell EMC PowerScale**, **Dell Networking OS10**, **PowerProtect DP Series Appliance**, **Elastic Cloud Storage**, **ObjectScale**, and several **PowerSwitch** models. The Canadian notice linked Dell advisories including `DSA-2026-041`, `DSA-2026-171`, `DSA-2026-058`, and `DSA-2026-190`, and characterized the activity as a vendor patch and mitigation effort rather than evidence of active exploitation.
5 days ago
Multiple Security Advisories for Enterprise and Industrial Products
Several major vendors, including Dell, IBM, and CISA, have released security advisories addressing vulnerabilities in a wide range of enterprise and industrial control system products. Dell's advisories cover critical updates for products such as APEX Cloud Platform for Red Hat OpenShift, Enterprise SONiC Distribution, NetWorker, PowerSwitch models, and iDRAC controllers, urging administrators to apply patches to mitigate potential risks. IBM has similarly published advisories for multiple products, while CISA has issued alerts for vulnerabilities in industrial control systems from vendors like ABB, Advantech, Delta Electronics, Fuji Electric, IDIS, Radiometrics, Survision, and Ubia, recommending prompt mitigation and updates. In addition to these broad advisories, a critical denial-of-service vulnerability (CVE-2024-20399) was identified in Cisco's Identity Services Engine (ISE), which could allow unauthenticated attackers to crash network access control systems by exploiting the RADIUS protocol. Cisco has provided both temporary and permanent mitigation steps for affected versions. Separately, CISA added a Samsung Mobile Devices out-of-bounds write vulnerability (CVE-2025-21042) to its Known Exploited Vulnerabilities Catalog, highlighting the ongoing risk posed by actively exploited flaws and urging organizations to prioritize remediation to protect against cyber threats.
1 months ago
Multiple Security Advisories for Enterprise and Industrial Products (Late October–Early November 2025)
Vendors including Hitachi Energy, Schneider Electric, ABB, Ubiquiti, Dell, IBM, Red Hat, Ubuntu, and Microsoft released security advisories between October 27 and November 3, 2025, addressing vulnerabilities across a wide range of enterprise, industrial, and cloud products. Notable advisories include CISA's ICS alerts for control systems, a critical flaw in ABB's PCM600 software (CVE-2018-1002208), a critical vulnerability in Ubiquiti's UniFi Access Application (CVE-2025-52665), and updates for Microsoft Edge, Red Hat Enterprise Linux, Ubuntu LTS versions, and multiple Dell and IBM products. Organizations are urged to review the advisories, apply recommended mitigations, and update affected systems to reduce exposure to exploitation. The advisories highlight vulnerabilities that could allow remote code execution, privilege escalation, or unauthorized access if left unpatched. The Canadian Centre for Cyber Security and CISA emphasize the importance of timely patching and mitigation, especially for products deployed in critical infrastructure and enterprise environments. Administrators should consult the official vendor advisories for detailed remediation steps and monitor for further updates as new vulnerabilities are disclosed and addressed.
1 months ago