CVE-2025-24385 – This OS command injection vulnerability in Dell... (How to Fix)

Q: What is the severity of CVE-2025-24385?

CVE-2025-24385 has a CVSS score of 7.8 (HIGH). This OS command injection vulnerability in Dell Unity storage systems allows attackers with local access to execute arbitrary commands with elevated privileges. It affects Dell Unity, UnityVSA, and Unity XT versions 5.4 and earlier. Attackers could gain full control of affected systems.

📋 TL;DR

This OS command injection vulnerability in Dell Unity storage systems allows attackers with local access to execute arbitrary commands with elevated privileges. It affects Dell Unity, UnityVSA, and Unity XT versions 5.4 and earlier. Attackers could gain full control of affected systems.

💻 Affected Systems

Products:

Dell Unity
Dell UnityVSA
Dell Unity XT

Versions: 5.4 and prior versions

Operating Systems: Dell Unity OS

Default Config Vulnerable: ⚠️ Yes

Notes: All default configurations of affected versions are vulnerable. Requires local access with any user account.

📦 What is this software?

Unity Operating Environment by Dell

View all CVEs affecting Unity Operating Environment →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with root-level access, data exfiltration, ransomware deployment, and lateral movement to connected systems.

🟠

Likely Case

Local privilege escalation leading to administrative control of the storage system, configuration changes, and data access.

🟢

If Mitigated

Limited impact due to network segmentation, strict access controls, and monitoring preventing successful exploitation.

🌐 Internet-Facing: LOW (requires local access, not remotely exploitable)

🏢 Internal Only: HIGH (low-privileged local users can achieve full system compromise)

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and low-privileged credentials. No public exploit code available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 5.5 or later

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Restart Required: No

Instructions:

1. Download the latest firmware from Dell Support. 2. Apply the update through the Unity management interface. 3. Verify the update completed successfully. 4. No system restart required.

🔧 Temporary Workarounds

Restrict Local Access

all

Limit local console and SSH access to trusted administrative users only.

Configure access controls in Unity management interface
Use firewall rules to restrict SSH access

Implement Least Privilege

all

Remove unnecessary local user accounts and restrict remaining accounts to minimal required privileges.

Review and remove unused accounts via Unity management console
Configure role-based access controls

🧯 If You Can't Patch

Implement strict network segmentation to isolate Unity systems from general user networks
Enable comprehensive logging and monitoring for suspicious command execution attempts

🔍 How to Verify

Check if Vulnerable:

Check Unity system version in management interface under System > About. If version is 5.4 or earlier, system is vulnerable.

Check Version:

ssh admin@unity-system "show system version" or check via Unity management web interface

Verify Fix Applied:

Verify system version shows 5.5 or later in management interface. Check that all security patches listed in DSA-2025-116 are applied.

📡 Detection & Monitoring

Log Indicators:

Unusual command execution patterns in system logs
Multiple failed privilege escalation attempts
Unexpected user account activity

Network Indicators:

Unusual SSH connections to Unity systems
Suspicious outbound connections from Unity systems

SIEM Query:

source="unity_logs" AND (event_type="command_execution" OR user_privilege_change="true")

📊 Metadata

CVE ID: CVE-2025-24385

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-78

EPSS Score: 0.13% exploit probability (32.3th percentile)

Published: March 28, 2025

Last Updated: July 8, 2025

🔗 References

https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-24385, you might also want to check these: