CVE-2025-43941
published 2025-10-30CVE-2025-43941: Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary command with root privileges. This vulnerability only affects systems without a valid license install.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | unity | >= N/A < 5.5.2 | 5.5.2 |
| dell | unity_operating_environment | < 5.5.2.0 | 5.5.2.0 |