CVE-2026-21418
published 2026-01-30CVE-2026-21418: Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | unity | >= N/A < 5.5.3 | 5.5.3 |
| dell | unity_operating_environment | < 5.5.3.0 | 5.5.3.0 |