Login Sign Up

CVE-2025-24378

7.8 HIGH

📋 TL;DR

This CVE describes an OS command injection vulnerability in Dell Unity storage systems. A low-privileged attacker with local access can execute arbitrary commands and potentially gain elevated privileges. Affected systems include Dell Unity, UnityVSA, and Unity XT versions 5.4 and earlier.

💻 Affected Systems

Products:
  • Dell Unity
  • Dell UnityVSA
  • Dell Unity XT
Versions: 5.4 and prior versions
Operating Systems: Dell Unity OS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected versions are vulnerable. Requires local access to the system.

📦 What is this software?

Unity Operating Environment by Dell

View all CVEs affecting Unity Operating Environment →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with root-level access, data exfiltration, and persistent backdoor installation.

🟠

Likely Case

Local privilege escalation allowing attackers to gain administrative control over the storage system.

🟢

If Mitigated

Limited to authenticated user privileges with proper network segmentation and access controls.

🌐 Internet-Facing: LOW - Requires local access, not remotely exploitable over the internet.
🏢 Internal Only: HIGH - Local attackers or compromised internal accounts can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires low-privileged local access. No public exploit code available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 5.5 or later

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Restart Required: No

Instructions:

1. Download the latest firmware update from Dell Support. 2. Apply the update following Dell's documented procedures. 3. Verify the system is running version 5.5 or later.

🔧 Temporary Workarounds

Restrict Local Access

all

Limit physical and logical access to Dell Unity systems to authorized administrators only.

Implement Least Privilege

all

Ensure all user accounts have only the minimum necessary privileges.

🧯 If You Can't Patch

  • Implement strict access controls to limit who can access the Dell Unity management interface
  • Monitor system logs for unusual command execution patterns and privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check the system version via the Unity management interface or CLI. If version is 5.4 or earlier, the system is vulnerable.

Check Version:

Check via Unity Unisphere interface or use SSH to connect and check system version

Verify Fix Applied:

Confirm the system is running version 5.5 or later after applying the update.

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution patterns
  • Privilege escalation attempts
  • Unauthorized user access to system commands

Network Indicators:

  • Unusual SSH or management interface connections from unexpected sources

SIEM Query:

Search for command execution events from non-administrative accounts on Dell Unity systems

📊 Metadata

CVE ID: CVE-2025-24378
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-78
EPSS Score: 0.13% exploit probability (32.4th percentile)
Published: March 28, 2025
Last Updated: July 8, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-24378, you might also want to check these:

CVE-2023-2564 10.0

This CVE describes an OS command injection vulnerability in scanservjs web scanning software that al...

Same vulnerability type (CWE-78)
CVE-2024-58338 10.0

Anevia Flamingo XL 3.2.9 contains a restricted shell escape vulnerability that allows remote attacke...

Same vulnerability type (CWE-78)
CVE-2025-26389 10.0

This critical vulnerability allows unauthenticated remote attackers to execute arbitrary code with r...

Same vulnerability type (CWE-78)