CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-24383

Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to delete arbitrary files. This vulnerability is considered critical as it can be leveraged to delete critical system files as root. Dell recommends customers to upgrade at the earliest opportunity.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.198

EPSS Ranking 95.2%

CVSS Severity

CVSS v3 Score 9.1

References

https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Products affected by CVE-2025-24383

Dell » Unity Operating Environment » Version: N/A

cpe:2.3:a:dell:unity_operating_environment:-
Dell » Unity Operating Environment » Version: 5.0.7.0.5.008

cpe:2.3:a:dell:unity_operating_environment:5.0.7.0.5.008
Dell » Unity Operating Environment » Version: 5.2.0.0.5.173

cpe:2.3:a:dell:unity_operating_environment:5.2.0.0.5.173
Dell » Unity Operating Environment » Version: 5.3.0.0.5.120

cpe:2.3:a:dell:unity_operating_environment:5.3.0.0.5.120
Dell » Unity Operating Environment » Version: 5.4.0.0

cpe:2.3:a:dell:unity_operating_environment:5.4.0.0
Dell » Unity Operating Environment » Version: 5.4.0.0.5.094

cpe:2.3:a:dell:unity_operating_environment:5.4.0.0.5.094

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-24383

Products

Pricing

Contact Us