CVE-2024-49564
published 2025-03-28CVE-2024-49564: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | unity | >= N/A < 5.5.0.0.5.259 | 5.5.0.0.5.259 |
| dell | unity_operating_environment | < 5.5.0.0.5.259 | 5.5.0.0.5.259 |