Description
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper check for unusual or exceptional conditions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service.
Published: 2026-04-16
Score: 4.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch ASAP
AI Analysis

Impact

An improper check for unusual or exceptional conditions in Dell PowerScale OneFS allows a high‑privileged local attacker to trigger a denial of service when the condition is evaluated incorrectly. The flaw does not provide direct data disclosure or code execution, but it can stop the system or a service from operating, potentially affecting availability for the entire file system cluster if the attack is successful.

Affected Systems

Dell PowerScale OneFS versions earlier than 9.12.0.0 are susceptible. The vulnerability is present in the product when deployed on any platform that runs these affected releases and has not yet been upgraded.

Risk and Exploitability

The CVSS score is 4.1, placing the vulnerability in the low‑severity range. EPSS data is unavailable, so the likelihood of exploitation is unclear, and the vulnerability is not listed in CISA’s KEV catalog. The attack requires local access with high privileges, thus limiting the threat surface to administrators or compromised administrative accounts. While the impact is limited to service interruption, an attacker who can persist the denial could disrupt critical workflows.

Generated by OpenCVE AI on April 17, 2026 at 02:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Dell PowerScale OneFS to 9.12.0.0 or newer using the DSA‑2025‑347 security update
  • If an update is not yet applied, restrict local high‑privileged accounts and monitor for unexpected service stops
  • Apply network‑level protection to isolate the OneFS node from untrusted local connections until a patch is applied

Generated by OpenCVE AI on April 17, 2026 at 02:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 21 Apr 2026 14:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:dell:powerscale_onefs:*:*:*:*:*:*:*:*

Sat, 18 Apr 2026 03:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 17 Apr 2026 03:15:00 +0000

Type Values Removed Values Added
Title Improper Check Enables Denial of Service in Dell PowerScale OneFS

Thu, 16 Apr 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell powerscale Onefs
Vendors & Products Dell
Dell powerscale Onefs

Thu, 16 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
Description Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper check for unusual or exceptional conditions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service.
Weaknesses CWE-754
References
Metrics cvssV3_1

{'score': 4.1, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

Dell Powerscale Onefs
cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-04-18T02:39:20.246Z

Reserved: 2025-04-18T05:05:05.740Z

Link: CVE-2025-43883

cve-icon Vulnrichment

Updated: 2026-04-18T02:39:16.120Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-16T18:16:43.667

Modified: 2026-04-21T14:32:12.420

Link: CVE-2025-43883

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T03:00:08Z

Weaknesses