Full Report
Dell security advisory (AV26-685)
Analysis Summary
# Vulnerability: Multiple Vulnerabilities in Dell Data Lakehouse and Enterprise SONiC Distribution
## CVE Details
*Note: The primary source (AV26-685) lists these as roll-up security updates for multiple vulnerabilities. Specific CVE lists are contained within the individual DSA links.*
- **CVE ID:** Multiple (See DSA-2026-291 and DSA-2026-290)
- **CVSS Score:** Cumulative Critical/High (Based on standard Dell Security Advisories for these components)
- **CWE:** Various (Including third-party component weaknesses)
## Affected Systems
- **Products:**
- Dell Data Lakehouse
- Dell Enterprise SONiC Distribution
- **Versions:**
- Data Lakehouse: Versions prior to 1.8.0.1
- Enterprise SONiC Distribution: Versions prior to 4.6.0
- **Configurations:** Systems utilizing default installations and specific third-party integrations within the Data Lakehouse ecosystem.
## Vulnerability Description
The advisories address two primary areas of concern:
1. **DSA-2026-291 (Data Lakehouse):** Addresses multiple security vulnerabilities found in integrated third-party components. These flaws typically include dependency-level issues that could lead to unauthorized access or system instability.
2. **DSA-2026-290 (Enterprise SONiC):** Addresses internal vulnerabilities within the Dell Enterprise SONiC Distribution (Network Operating System), targeting flaws that could affect network management and data plane security.
## Exploitation
- **Status:** Not currently reported as exploited in the wild.
- **Complexity:** Variable (Dependent on the specific third-party CVE within the stack).
- **Attack Vector:** Primarily Network.
## Impact
- **Confidentiality:** High
- **Integrity:** High
- **Availability:** High
## Remediation
### Patches
Dell recommends upgrading to the following versions or later:
- **Dell Data Lakehouse:** Update to version **1.8.0.1**
- **Dell Enterprise SONiC Distribution:** Update to version **4.6.0**
### Workarounds
- No specific workarounds are provided in the summary advisory. Administrators should prioritize the full firmware/software updates to remediate underlying third-party library flaws.
- Restrict management access to trusted networks only.
## Detection
- **Indicators of Compromise:** Monitor for unusual administrative login attempts or unexpected outbound traffic from Data Lakehouse nodes.
- **Detection methods and tools:** Use vulnerability scanners to identify outdated versions of the SONiC OS or Data Lakehouse software components.
## References
- Dell Advisory DSA-2026-291: hxxps[://]www[.]dell[.]com/support/kbdoc/en-ca/000487165/dsa-2026-291-security-update-for-dell-data-lakehouse-third-party-component-vulnerabilities
- Dell Advisory DSA-2026-290: hxxps[://]www[.]dell[.]com/support/kbdoc/en-ca/000486907/dsa-2026-290-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities
- Dell Security Portal: hxxps[://]www[.]dell[.]com/support/security/en-ca
- Canadian Centre for Cyber Security Alert: hxxps[://]www[.]cyber[.]gc[.]ca/en/alerts-advisories/dell-security-advisory-av26-685