Multiple Dell ThinOS Vulnerabilities

Dell Wyse ThinOS Vulnerabilities Overview

This report is about two high-value vulnerabilities affecting Dell Wyse ThinOS. The Dell thin client vulnerabilities allow remote attackers the possibility to gain initial access to the network and can provide some lateral movement opportunities. There are patches available for these vulnerabilities on the vendor’s website.

Tactics, Techniques, and Procedures

The vulnerabilities have been given the identifying information of CVE-2020-29491 and CVE-2020-29492 respectively. CVE-2020-29491 and CVE-2020-29492 affect thin clients running Dell Wyse ThinOS 8.6 MR8.

CVE-2020-29491 is caused by an unsecured default configuration that allows a remote unauthenticated attacker to gather sensitive information on the local network. This may provide the attacker with the option to compromise the vulnerable thin clients.

CVE-2020-29492 is caused by an insecure default configuration that allows a remote unauthenticated attacker to access a writable file which can be used to manipulate the configuration of that specific thin client.

Business Unit Impact

May provide a foothold for the bad actor to perform the lateral movement in the environment and launch future attacks
Could result in the compromise of computers in the network
May allow for reconnaissance and intelligence operations on the network architecture

Recommendations

It is highly encouraged that you implement the vendor patch linked below and ensure that outside access to the thin clients on the network is limited so as to reduce the likelihood of successful exploitation.

Learn about Avertium's vulnerability management-as-a-service

Sources

https://exchange.xforce.ibmcloud.com/collection/a778b72f0e8fbec9e592547ae8ed851b

Supporting Documentation

Vendor Patch:

https://www.dell.com/support/kbdoc/ro-ro/000180768/dsa-2020-281

MITRE Mapping(s):

https://attack.mitre.org/techniques/T1016/

https://attack.mitre.org/techniques/T1203/

Note: The Avertium Threat Report analyzes one current threat that has been shared by threat intelligence networks across the globe. Used internally by the Avertium CyberOps Team, this report will outline a “top-of-mind” threat and how it ought to be addressed accordingly.

This informed analysis is based on the latest data available.

Chat With One of Our Experts

CVE-2020-29492 Threat Report Dell thinOS CVE-2020-29491 vulnerability management Threat Detection and Response Blog

Why Avertium?

Considering Microsoft?

Latest Avertium News

Governance, Risk, + Compliance

Attack Surface Management

Threat Detection + Response

Microsoft Security Solutions

About Us

Latest Avertium News

Our Partners

Partner Opportunity Registration

Latest Avertium Resource

News & Resources

Latest Resource