CVE-2025-36606 – Dell Unity storage systems running version 5.5 ... (How to Fix)

Q: What is the severity of CVE-2025-36606?

CVE-2025-36606 has a CVSS score of 7.8 (HIGH). Dell Unity storage systems running version 5.5 and earlier contain an OS command injection vulnerability in the svc_nfssupport utility. Authenticated attackers can escape the restricted shell and execute arbitrary commands with root privileges. This affects organizations using Dell Unity storage appliances for data management.

📋 TL;DR

Dell Unity storage systems running version 5.5 and earlier contain an OS command injection vulnerability in the svc_nfssupport utility. Authenticated attackers can escape the restricted shell and execute arbitrary commands with root privileges. This affects organizations using Dell Unity storage appliances for data management.

💻 Affected Systems

Products:

Dell Unity
Dell UnityVSA
Dell Unity XT

Versions: 5.5 and prior

Operating Systems: Dell Unity OS

Default Config Vulnerable: ⚠️ Yes

Notes: Requires authenticated access to the Dell Unity management interface.

📦 What is this software?

Unity Operating Environment by Dell

View all CVEs affecting Unity Operating Environment →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attackers to execute arbitrary commands as root, potentially leading to data theft, system destruction, or lateral movement to other network resources.

🟠

Likely Case

Privilege escalation from authenticated user to root, enabling attackers to modify configurations, access sensitive data, or disrupt storage operations.

🟢

If Mitigated

Limited impact if proper network segmentation, least privilege access, and monitoring are implemented to detect and block exploitation attempts.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authenticated access but command injection vulnerabilities are typically straightforward to exploit once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply patches referenced in DSA-2025-281

Vendor Advisory: https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Restart Required: Yes

Instructions:

1. Review Dell advisory DSA-2025-281. 2. Download appropriate patches from Dell Support. 3. Apply patches following Dell's documented procedures. 4. Restart affected systems as required.

🔧 Temporary Workarounds

Restrict Access to Management Interface

all

Limit network access to Dell Unity management interfaces to only trusted administrative networks.

Implement Least Privilege Access

all

Review and restrict user accounts with access to Dell Unity systems to only necessary personnel.

🧯 If You Can't Patch

Isolate Dell Unity systems on dedicated network segments with strict firewall rules
Implement comprehensive monitoring and alerting for suspicious command execution patterns

🔍 How to Verify

Check if Vulnerable:

Check Dell Unity version via management interface or CLI. Versions 5.5 and earlier are vulnerable.

Check Version:

Check version via Dell Unity Unisphere interface or consult system documentation for CLI commands.

Verify Fix Applied:

Verify patch installation through Dell Unity management interface and confirm version is updated beyond 5.5.

📡 Detection & Monitoring

Log Indicators:

Unusual command execution patterns in system logs
Multiple failed authentication attempts followed by successful login
Unexpected process execution with root privileges

Network Indicators:

Unusual network traffic from Dell Unity management interfaces
Suspicious connections to command and control infrastructure

SIEM Query:

source="dell_unity" AND (event_type="command_execution" OR user="root") AND command CONTAINS suspicious_pattern

📊 Metadata

CVE ID: CVE-2025-36606

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-78

EPSS Score: 0.03% exploit probability (8.6th percentile)

Published: August 4, 2025

Last Updated: August 15, 2025

🔗 References

https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-36606, you might also want to check these: