Security News > 2020 > December > Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers

Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers
2020-12-21 17:00

Dell has patched two critical security vulnerabilities in its Dell Wyse Thin Client Devices, which are small form-factor computers optimized for connecting to a remote desktop.

The bugs allow arbitrary code execution and the ability to access files and credentials, researchers said.

In the U.S. alone, more than 6,000 companies and organizations are using Dell Wyse thin clients inside their network, with many of these being healthcare providers, according to researchers at CyberMDX, who discovered the flaws.

As for how many devices are potentially impacted, it's unclear - but Dell has said in the past that there are "Millions" of Dell Wyse Thin Clients deployed within organizations.

All Dell Wyse Thin Clients running ThinOS versions 8.6 and below are affected.


News URL

https://threatpost.com/critical-bugs-dell-wyse-thin-clients/162452/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Dell 1764 98 476 312 95 981