Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
References
Configurations
History
08 Jul 2025, 16:32
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities - Vendor Advisory | |
CPE | cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:* | |
First Time |
Dell unity Operating Environment
Dell |
28 Mar 2025, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-03-28 03:15
Updated : 2025-07-08 16:32
NVD link : CVE-2025-24379
Mitre link : CVE-2025-24379
CVE.ORG link : CVE-2025-24379
JSON object : View
Products Affected
dell
- unity_operating_environment
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')