CVE-2024-51534
Published: 01 February 2025
Summary
CVE-2024-51534 is a high-severity Path Traversal: '\..\filename' (CWE-29) vulnerability in Dell Data Domain Operating System. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Data Destruction (T1485). The vulnerability ranks at the 32.7th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly mitigates path traversal by requiring validation of file path inputs to block unauthorized overwrites of OS files.
- AC-3 (Access Enforcement): Enforces logical access controls to prevent low-privileged local users from overwriting protected OS files via path traversal.
- Least privilege: Applies least privilege to restrict low-privileged users' access to OS files, reducing the impact of path traversal exploitation.
MITRE ATT&CK Enterprise Techniques
- Data Destruction (T1485)
Why these techniques?
Path traversal enables a local low-privileged user to overwrite OS files, directly facilitating data destruction that results in denial of service.
NVD Description
Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low-privileged attacker could potentially exploit this vulnerability to gain unauthorized overwrite of OS files stored on the server filesystem. Exploitation could lead to denial of service.
Deeper analysis
CVE-2024-51534 is a path traversal vulnerability (CWE-22, CWE-29) affecting Dell PowerProtect DD systems running versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20. It enables a local low-privileged user to potentially overwrite operating system files on the server filesystem. The vulnerability carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H), indicating high impact on integrity and availability with no confidentiality impact.
A low-privileged local user can exploit this vulnerability to perform unauthorized overwrites of OS files, potentially leading to denial of service conditions on the affected PowerProtect DD system. The attack requires local access and low privileges, with low complexity and no user interaction needed.
Dell's security advisory DSA-2025-022, detailed at https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities, addresses this and other vulnerabilities in PowerProtect DD with a security update. Practitioners should apply patches to reach or exceed the fixed versions (DDOS 8.3.0.0, 7.10.1.50, or 7.13.1.20) to mitigate the issue.
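The advisory does not describe the vulnerable code path, so the following is an added, hypothetical Python illustration (not Dell's code) of the CWE-29 pattern and of the SI-10 input-validation control named above: a naive blocklist that misses backslash-separated `..` segments next to a hardened resolver that unifies separators, normalizes, and enforces containment. The base directory, sample inputs and function names are all constructed for this example.

```python
import posixpath

# Constructed sample inputs (not from the advisory) showing the CWE-29 pattern.
SAMPLE_INPUTS = [
    "reports/2025-01.log",      # ordinary relative path, expected to pass
    "../etc/shadow",            # classic CWE-22 traversal with '/'
    "..\\..\\etc\\shadow",      # CWE-29 variant: '\..\' separators
    "logs/..\\..\\etc/shadow",  # mixed separators
    "/etc/shadow",              # absolute path
    "reports/x\x00.log",        # embedded NUL byte
]

def naive_is_safe(user_path: str) -> bool:
    """Blocklist check many applications start with. It only knows the
    forward-slash form of '..', so '\\..\\' passes on a POSIX host where
    the backslash is an ordinary file-name character."""
    return "../" not in user_path and not user_path.startswith("/")

def resolve_within(base_dir: str, user_path: str) -> str:
    """Canonicalize user_path under base_dir; raise ValueError if it escapes.
    Pure string logic so it runs offline; production code should also apply
    os.path.realpath() to the result to defeat symlink-based escapes."""
    if "\x00" in user_path:
        raise ValueError("embedded NUL byte")
    # Treat backslashes as separators before normalizing, so a '\..\'
    # segment is recognized as traversal rather than as a file name.
    unified = user_path.replace("\\", "/")
    if unified.startswith("/"):
        raise ValueError("absolute path not allowed")
    base = posixpath.normpath(base_dir)
    target = posixpath.normpath(posixpath.join(base, unified))
    # Containment: target must be base itself or a descendant of it.
    if target != base and not target.startswith(base.rstrip("/") + "/"):
        raise ValueError("path escapes base directory")
    return target

def evaluate(base_dir: str, paths):
    """Return {path: (naive_verdict, hardened_result)} to compare the checks."""
    results = {}
    for p in paths:
        try:
            hardened = resolve_within(base_dir, p)
        except ValueError as exc:
            hardened = f"REJECTED: {exc}"
        results[p] = (naive_is_safe(p), hardened)
    return results

if __name__ == "__main__":
    for p, (naive, hardened) in evaluate("/var/app/data", SAMPLE_INPUTS).items():
        print(f"{p!r:28} naive_safe={naive!s:5} hardened={hardened}")
```

Running it shows the naive check accepting both backslash variants while the hardened resolver rejects every traversal attempt and returns a canonical path only for the in-tree file.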
Details
- CWE(s)