{"id":51738,"date":"2026-03-20T16:11:11","date_gmt":"2026-03-20T16:11:11","guid":{"rendered":"https:\/\/www.europesays.com\/ch-de\/51738\/"},"modified":"2026-03-20T16:11:11","modified_gmt":"2026-03-20T16:11:11","slug":"diverse-attacken-auf-dell-secure-connect-gateway-policy-manager-moeglich","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/ch-de\/51738\/","title":{"rendered":"Diverse Attacken auf Dell Secure Connect Gateway Policy Manager m\u00f6glich"},"content":{"rendered":"<p>    close notice<\/p>\n<p class=\"notice-banner__text a-u-mb-0\">\n      This article is also available in<br \/>\n        <a href=\"https:\/\/www.heise.de\/en\/news\/Various-attacks-on-Dell-Secure-Connect-Gateway-Policy-Manager-possible-11219584.html\" class=\"notice-banner__link a-u-inline-link\" rel=\"nofollow noopener\" target=\"_blank\">English<\/a>.<\/p>\n<p>      It was translated with technical assistance and editorially reviewed before publication.\n    <\/p>\n<p class=\"notice-banner__link a-u-mb-0\">\n    Don\u2019t show this again.\n<\/p>\n<p>Dells Verwaltungsl\u00f6sung f\u00fcr den PC-Fernzugriff Secure Connect Gateway Policy Manager ist an mehreren Stellen verwundbar. Die Schwachstellen stecken in verschiedenen Softwarekomponenten von Drittanbietern.<\/p>\n<p>        Weiterlesen nach der Anzeige<\/p>\n<p>Sicherheitspatch installieren<\/p>\n<p><a href=\"https:\/\/www.dell.com\/support\/kbdoc\/de-de\/000441138\/dsa-2026-120-security-update-for-dell-secure-connect-gateway-policy-manager-multiple-third-party-component-vulnerabilities\" rel=\"external noopener nofollow\" target=\"_blank\">Auch wenn es in der Warnmeldung zu den L\u00fccken keine Hinweise auf bereits laufende Attacken gibt<\/a>, sollten Admins nicht zu lange z\u00f6gern und zeitnah die gepatchte Version 5.34.00.14 installieren. Alle vorigen Ausgaben sind den Entwicklern zufolge angreifbar.<\/p>\n<p>Von den Sicherheitsproblemen sind unter anderem die Komponenten Angular, Java 21 und logback betroffen. \u00d6ffnet ein Opfer etwa eine pr\u00e4parierte PNG-Datei, kommt es zu Fehlern und das System h\u00e4ngt sich in einem DoS-Zustand auf (CVE-2026-25646 \u201ehoch\u201c). Weiterhin kann es noch zu XSS-Attacken (CVE-2026-22610 \u201ehoch\u201c) und Fehlern beim Sperren von Zertifikaten kommen (CVE-2026-24734 \u201ehoch\u201c).<\/p>\n<p>(<a class=\"redakteurskuerzel__link\" href=\"https:\/\/www.heise.de\/news\/mailto:des@heise.de\" title=\"Dennis Schirrmacher\" rel=\"nofollow noopener\" target=\"_blank\">des<\/a>)<\/p>\n<p>\n      Dieser Link ist leider nicht mehr g\u00fcltig.\n    <\/p>\n<p>Links zu verschenkten Artikeln werden ung\u00fcltig,<br \/>\n      wenn diese \u00e4lter als 7\u00a0Tage sind oder zu oft aufgerufen wurden.\n    <\/p>\n<p>Sie ben\u00f6tigen ein heise+ Paket, um diesen Artikel zu lesen. Jetzt eine Woche unverbindlich testen \u2013 ohne Verpflichtung!<\/p>\n","protected":false},"excerpt":{"rendered":"close notice This article is also available in English. It was translated with technical assistance and editorially reviewed&hellip;\n","protected":false},"author":2,"featured_media":51739,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15],"tags":[2470,46,15401,622,8912,45,60,59,557,2473,44,64,61,2416,63,62],"class_list":{"0":"post-51738","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-wissenschaft-technik","8":"tag-alert","9":"tag-ch","10":"tag-dell-secure-connect-gateway-policy-manager","11":"tag-it","12":"tag-patchday","13":"tag-schweiz","14":"tag-science","15":"tag-science-technology","16":"tag-security","17":"tag-sicherheitsluecken","18":"tag-switzerland","19":"tag-technik","20":"tag-technology","21":"tag-updates","22":"tag-wissenschaft","23":"tag-wissenschaft-technik"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@ch_de\/116262376043574027","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/posts\/51738","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/comments?post=51738"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/posts\/51738\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/media\/51739"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/media?parent=51738"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/categories?post=51738"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/ch-de\/wp-json\/wp\/v2\/tags?post=51738"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}