CVE-2025-24379
published 2025-03-28CVE-2025-24379: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | unity | >= N/A < 5.5.0.0.5.259 | 5.5.0.0.5.259 |
| dell | unity_operating_environment | < 5.5.0.0.5.259 | 5.5.0.0.5.259 |