Summary: Major hardware manufacturers MediaTek, HPE, and Dell have released advisories regarding critical vulnerabilities in their products, urging users to apply patches promptly. These vulnerabilities range from remote code execution to local privilege escalation and could have serious implications if exploited.
Threat Actor: Unknown | unknown
Victim: MediaTek, HPE, Dell | MediaTek, HPE, Dell
Key Point :
- MediaTek patched a critical vulnerability (CVE-2024-20154) in its modem component that could allow remote code execution via rogue base stations.
- Dell addressed a high-severity flaw (CVE-2025-22395) in its Update Package Framework, enabling potential denial-of-service conditions.
- HPE released fixes for multiple vulnerabilities in its SAN switches, including issues that could lead to privilege escalation and remote command execution.
- Users are strongly advised to apply the patches as soon as possible to mitigate potential risks.
Source: https://www.securityweek.com/dell-hpe-mediatek-patch-vulnerabilities-in-their-products/