MDR
Solutions
Partners
About
Resources
Affected Environment
Dell PowerSwitch E3200-ON, Z9664F-ON, and Dell Policy Manager for Secure Connect Gateway – Appliance running vulnerable third‑party components. Exposure applies where affected versions are deployed and not yet upgraded to Dell’s remediated software releases listed in the advisory.
Threat Overview
Vulnerabilities in Intel, rsync, Angular, Apache Maven, Apache Tomcat, Java, SLES15 and SLES 15 SP6, and logback impact these Dell products. Successful exploitation could enable authentication bypass, command execution, privilege escalation, information disclosure, or denial of service.
Exposure Timeline
Dell published security updates in March 2026, and Smarttech247 issued this alert on 19 March 2026 for customer awareness.
Exposure exists from initial deployment of affected versions until upgrade to the specified fixed versions is completed in your environment.
Attack Surface
The attack surface includes network-exposed Dell PowerSwitch management and data plane services using the listed third‑party components. Dell Policy Manager for Secure Connect Gateway – Appliance surfaces risk through its application stack and underlying OS components.
Technical Root Cause
The root cause is multiple vulnerabilities in bundled third‑party software libraries and OS components used by the Dell products.
Weaknesses span protocol implementations, web frameworks, Java and logging components, and SUSE Linux Enterprise Server packages.
Exploitation Pathway
A malicious user could target vulnerable services to gain elevated access, execute commands, or disrupt services if network reachable. Specific exploit chains depend on each CVE but generally rely on interacting with exposed components or authenticated interfaces.
Operational Impact
If exploited, these flaws may allow device compromise, service interruption, or unauthorized access to information processed by devices. This can affect switching fabric stability and management plane integrity for impacted Dell networking and gateway environments.
Strategic Impact
Unpatched devices weaken overall network security posture and may undermine segmentation or secure connectivity controls. Persistent exposure could provide attackers with footholds in core or edge network zones, increasing long‑term organizational risk.
Required Mitigation
Upgrade E3200‑ON to 3.57.5.1‑6 or later, Z9664F‑ON to 3.54.5.1‑11 or later, and Policy Manager to 5.34.00.14 or later. Regularly update OS, applications, firmware, and enforce least privilege on systems and services to reduce future exposure.
Incident Response Guidance
Identify all instances of affected Dell PowerSwitch and Secure Connect Gateway Policy Manager versions and prioritize upgrades. Review for unusual activity on these devices; if compromise is suspected, follow standard IR processes and vendor guidance.
References
Use Dell advisories DSA‑2026‑141, DSA‑2026‑140, and DSA‑2026‑120 for product‑specific details and patch instructions. Consult NVD, CISA, and the linked GitHub advisories for CVE‑level technical information and further tracking.
Trusted by clients worldwide
Led by human expertise and powered by the VisionX platform, we provide you with a 24/7 unbeatable Managed Detection & Response capability giving you transparent and consolidated security solutions.
.jpg)