Critical Dell Wyse Bugs Let Attackers to Execute Code and Access Files and Credentials

The giant Dell Wyse is affected by two Critical Vulnerabilities CVE-2020-29491 and CVE-2020-29492 which targets thin client devices.

The CyberMDX Research team has discovered these vulnerabilities on Dell Wyse thin clients, wherein when the vulnerability is exploited, the attackers can run malicious codes remotely and access arbitrary files on the affected devices.

What is a thin client?

A thin client is a small form-factor computer optimized for performing a remote desktop connection to a distant (and usually) more resourceful hardware. The software used by the thin client is minimal and directed towards making a seamless remote connection experience.

Vulnerabilities

These CVE-2020-29491 and CVE-2020-29492 are the default configuration vulnerabilities that can access a writable file and can manipulate the configuration of a specific thin client and potentially gain access to sensitive information on it compromising the thin clients completely. The impact is marked as ‘Critical’ by DELL.

Affected Products

All the Dell Wyse Thin Clients running on ThinOS versions 8.6 are affected

ProductAffected Version(s)Updated Version(s)
Dell Wyse 3040 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 3040 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 3040 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 3040 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5010 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5010 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5010 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5010 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5040 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5040 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5040 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5040 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5060 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5060 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5060 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5060 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5070 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5070 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5070 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5070 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 AIO Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 AIO Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 AIO Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 AIO Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 Thin Client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 Thin Client with PCoIP (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 5470 Thin Client with PCoIP (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 7010 Thin Client (ENG)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8
Dell Wyse 7010 thin client (JPN)Versions prior to 8.6 MR8 where the Client is receiving configurations from a remote file server over an insecure protocol8.6 MR8

Impacts and mitigation

Dell Wyse thin client is widely used that around 6000 companies and organizations are making use of it in America alone. So it is likely to see that majority of Customers are under pressure to be cautious with the vulnerability.

Dell recommends customers to implement one of the following:

  • Secure the file server environment when using Dell Wyse ThinOS 8.6 clients – Impacted ThinOS 8.6 customers can secure their environment by updating their file servers to use a secure protocol (HTTPS instead of HTTP or FTP) and by ensuring file servers are set to read-only access.
  • Deploy Dell Wyse Management Suite – Impacted ThinOS 8.6 customers can use Wyse Management Suite instead of a file server for imaging and device configuration. Wyse Management Suite communications enforce HTTPS protocol and all configurations are stored in a secure server database instead of editable configuration files.
  • Deploy Dell Wyse Management Suite with ThinOS 9 – In addition to deploying Wyse Management Suite, customers with eligible Wyse clients can update their operating system to ThinOS 9 free of charge. ThinOS 9 clients do not support file server configuration, and thus this exploit does not apply to Wyse clients running ThinOS 9.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity, and hacking news updates.

Also Read

Dell SupportAssist Bug Exposes Business & Home PCs Let Hackers Attack Hundreds of Million Dell Computers

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Claude AI Abused in Influence-as-a-Service Operations and Campaigns

Claude AI, developed by Anthropic, has been exploited by malicious actors in a range of…

7 hours ago

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting U.S.…

16 hours ago

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious…

17 hours ago

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in…

20 hours ago

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging…

21 hours ago

Threat Actors Target Critical National Infrastructure with New Malware and Tools

A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term…

22 hours ago