Blog | G5 Cyber Security

Critical bugs in Dell Wyse ThinOS allow thin client take over

A dozen Dell Wyse thin client models are vulnerable to critical issues that could be exploited by a remote attacker to run malicious code and gain access to arbitrary files. The vulnerabilities (tracked as CVE-2020-29492) are in components of ThinOS, the operating system on Dell’s thin clients. Researchers at CyberMDX, a company focusing on cybersecurity in the healthcare sector, found that FTP access is possible with no credentials, using “anonymous”” user. Only the firmware and packages are signed

Source: security

Exit mobile version