Tuesday, May 28, 2024

Critical Dell Wyse Bugs Let Attackers to Execute Code and Access Files and Credentials

The giant Dell Wyse is affected by two Critical Vulnerabilities CVE-2020-29491 and CVE-2020-29492 which targets thin client devices.

The CyberMDX Research team has discovered these vulnerabilities on Dell Wyse thin clients, wherein when the vulnerability is exploited, the attackers can run malicious codes remotely and access arbitrary files on the affected devices.

What is a thin client?

A thin client is a small form-factor computer optimized for performing a remote desktop connection to a distant (and usually) more resourceful hardware. The software used by the thin client is minimal and directed towards making a seamless remote connection experience.

Vulnerabilities

These CVE-2020-29491 and CVE-2020-29492 are the default configuration vulnerabilities that can access a writable file and can manipulate the configuration of a specific thin client and potentially gain access to sensitive information on it compromising the thin clients completely. The impact is marked as ‘Critical’ by DELL.

Affected Products

All the Dell Wyse Thin Clients running on ThinOS versions 8.6 are affected

ProductAffected Version(s)Updated Version(s)
Dell Wyse 3040 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 3040 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 3040 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 3040 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5010 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5010 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5010 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5010 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5040 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5040 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5040 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5040 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5060 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5060 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5060 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5060 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5070 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5070 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5070 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5070 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 AIO Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 AIO Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 AIO Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 AIO Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 7010 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 7010 thin client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8

Impacts and mitigation

Dell Wyse thin client is widely used that around 6000 companies and organizations are making use of it in America alone. So it is likely to see that majority of Customers are under pressure to be cautious with the vulnerability.

Dell recommends customers to implement one of the following:

  • Secure the file server environment when using Dell Wyse ThinOS 8.6 clients – Impacted ThinOS 8.6 customers can secure their environment by updating their file servers to use a secure protocol (HTTPS instead of HTTP or FTP) and by ensuring file servers are set to read-only access. 
  • Deploy Dell Wyse Management Suite – Impacted ThinOS 8.6 customers can use Wyse Management Suite instead of a file server for imaging and device configuration. Wyse Management Suite communications enforce HTTPS protocol and all configurations are stored in a secure server database instead of editable configuration files.
  • Deploy Dell Wyse Management Suite with ThinOS 9 – In addition to deploying Wyse Management Suite, customers with eligible Wyse clients can update their operating system to ThinOS 9 free of charge. ThinOS 9 clients do not support file server configuration, and thus this exploit does not apply to Wyse clients running ThinOS 9.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity, and hacking news updates.

Also Read

Dell SupportAssist Bug Exposes Business & Home PCs Let Hackers Attack Hundreds of Million Dell Computers

Website

Latest articles

PoC Exploit Released For macOS Privilege Escalation Vulnerability

A new vulnerability has been discovered in macOS Sonoma that is associated with privilege...

CatDDoS Exploiting 80+ Vulnerabilities, Attacking 300+ Targets Daily

Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS)...

GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials

GNOME desktop manager was equipped with a new feature which allowed remote users to...

Kesakode: A Remote Hash Lookup Service To Identify Malware Samples

Today marks a significant milestone for Malcat users with the release of version 0.9.6,...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based...

Hackers Exploit WordPress Plugin to Steal Credit Card Data

Hackers have exploited an obscure WordPress plugin to inject malware into websites, specifically targeting...

Google Patches Chrome Zero-Day: Type Confusion in V8 JavaScript

Google has released a patch for a zero-day exploit in its Chrome browser.The...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles