News

Attention: Dell EMC AppSync has security vulnerabilities

Photo of Simon Lüthje Simon Lüthje26. January 2022

If you use the “Dell EMC AppSync” for your backup, an appropriate software update is urgently recommended. After all, it apparently suffers from several security leaks and can thus become a gateway for criminals.

Large companies targeted?

As a private individual, you probably don’t have to worry too much. After all, cyberattacks are more likely to be perpetrated on businesses through just such security vulnerabilities. Since many small, medium and large businesses rely on Dell EMC AppSync, this isn’t all that far-fetched. According to experts, the management software now allows hackers to take over entire Internet sessions. In doing so, they use one of the security vulnerabilities that have now become known. The consequences are unimaginable. So the criminals could initiate so-called “brute force attacks” without any firewall even noticing.

Software is too insecure

There are probably three security vulnerabilities at once that Dell EMC AppSync suffers from to make it an exceedingly insecure backup software. First, there is the handling of HTTP get requests. Within the backup software, data is stored in this area, which cybercriminals can use to join ongoing sessions. Furthermore, the handling of login attempts is questionable. Even with many failed logins, the software does not slow down the login attempt. As a result, it would be easy for hackers to launch a brute force offensive and find out login data. In addition, it is probably easy for hackers to implement transparent HTML buttons. In the course of this, users could have been urged to perform risky downloads or other actions.

Dell responds with software update

Of course, Dell has reacted as quickly as possible with a suitable update. After all, the US company sees the potential risks as high. In particular, the risk of compromising entire systems cannot be ruled out here, it says. Companies using Dell EMC AppSync versions 3.9 to 4.3 should now be on heightened alert. However, an update to version 4.4.0.0 should be able to eliminate the dangers. However, private users cannot download the corresponding update yet. It is exclusively intended for companies.

Tags
Photo of Simon Lüthje Simon Lüthje26. January 2022
Photo of Simon Lüthje

Simon Lüthje

I am co-founder of this blog and am very interested in everything that has to do with technology, but I also like to play games. I was born in Hamburg, but now I live in Bad Segeberg.

Related Articles

Der mobile 14 Zoll Monitor Dell C1422H

Dell Technologies introduces 5 new monitors for mobile work

21. August 2021

Dell: XPS 13 with 3.5K OLED display

14. April 2021

Dell introduces Optiplex 3090 and 7090

6. January 2021

New Alienware monitors: 1,080p at 360 Hz or 1,440p at 180 Hz

19. June 2023

No replies yet

Beginne die Diskussion →

Neue Antworten laden...

Avatar of Basic Tutorials
Basic Tutorials

Neues Mitglied

3,435 Beiträge 1,474 Likes
Angeheftet Jan 26, 2022

If you use the „Dell EMC AppSync“ for your backup, an appropriate software update is urgently recommended. After all, it apparently suffers from several security leaks and can thus become a gateway for criminals. Large companies targeted? As a private individual, you probably don’t have to worry too much. After all, cyberattacks are more likely … (Weiterlesen...)

Antworten Like

Beteilige dich an der Diskussion in der Basic Tutorials Community →

Back to top button