Two dangerous vulnerabilities found in Dell Wyse Thin Client

by Emma Davis
December 22, 2020
Dell Wyse Thin Client
Written by Emma Davis

Dell has released updates for vulnerabilities in selected Dell Wyse Thin Client models. The patches fix a number of critical bugs that can be used remotely and without authentication.

The vulnerabilities were discovered by CyberMDX, which specializes in cybersecurity in the healthcare sector. More than 6,000 organizations, including many healthcare providers, use these Dell products in the US alone, according to the company.

CyberMDX researchers noticed that the local FTP server used by Dell Wyse Thin Client to retrieve new firmware, packages and configurations is available by default without credentials, allowing anyone to access it.

The vulnerabilities affect Dell Wyse Thin client devices and once exploited allow attackers to, among other things, remotely run malicious code and access arbitrary files on affected devices. The profound potential impact of these vulnerabilities coupled with the relative ease of exploitation is what makes them so critical. This criticality is captured in the severity scores of both vulnerabilities – 10/10.wrote CyberMDX specialists.

Essentially, a hacker could access the INI file stored on the server and make changes to that file.

INI files contain a long list of configurable parameters detailed in over 100 pages of official Dell documentation. Reading or changing these parameters opens the door to many different attacks. Configuring and enabling VNC for full remote control, leaking remote desktop credentials, and manipulating DNS results are just a few of the attack scenarios to be aware of.write the researchers.

Such attacks were made possible by two vulnerabilities: CVE-2020-29491, which allows an unauthenticated attacker to gain access to the configuration file, and CVE-2020-29492, which allows changes to the file.

Dell advised its customers that the vulnerabilities affect Wyse 3040, 5010, 5040, 5060, 5070, 5470, and 7010 thin clients running ThinOS 8.6 and earlier.

The vulnerabilities were fixed with the release of ThinOS version 8.6 MR8.

Let me remind you that information security specialists also found a hidden backdoor in HP Device Manager.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

View all posts

Leave a Reply

Sending