CVE-2025-43730Argument Injection in Dell Thinos 10

CWE-88Argument Injection2 documents2 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 78.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell Thinos 10Dell Thinos
Timeline
PublishedAug 27

Description

Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A local unauthenticated user could potentially exploit this vulnerability leading to Elevation of Privileges and Information disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDdell/thinos< 2508
CVEListV5dell/thinos_10N/A2508_10.0127

🔴Vulnerability Details

1
GHSA
GHSA-287q-rcxw-c7c5: Dell ThinOS 10, versions prior to 2508_102025-08-27