Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers

2020-12-21 17:00

Dell has patched two critical security vulnerabilities in its Dell Wyse Thin Client Devices, which are small form-factor computers optimized for connecting to a remote desktop.

The bugs allow arbitrary code execution and the ability to access files and credentials, researchers said.

In the U.S. alone, more than 6,000 companies and organizations are using Dell Wyse thin clients inside their network, with many of these being healthcare providers, according to researchers at CyberMDX, who discovered the flaws.

As for how many devices are potentially impacted, it's unclear - but Dell has said in the past that there are "Millions" of Dell Wyse Thin Clients deployed within organizations.

All Dell Wyse Thin Clients running ThinOS versions 8.6 and below are affected.

News URL

https://threatpost.com/critical-bugs-dell-wyse-thin-clients/162452/

#codeexecution #critical #dell #takeover

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Dell		1650	96	430	286	92	904

News URL

Related news

Related vendor