CVE-2025-43729 — Incorrect Permission Assignment in Dell Thinos 10

CWE-732 — Incorrect Permission Assignment2 documents2 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 94.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Thinos 10 Dell Thinos

Timeline

PublishedAug 27

Description

Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Elevation of Privileges and Unauthorized Access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDdell/thinos< 2508

▶CVEListV5dell/thinos_10N/A — 2508_10.0127

🔴Vulnerability Details

GHSA

GHSA-877q-4j62-9hxq: Dell ThinOS 10, versions prior to 2508_10↗2025-08-27

▶