CVE-2020-29499
Description
Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
OS command injection in Dell EMC PowerStore X allows authenticated local attackers to execute arbitrary commands, leading to system takeover.
Vulnerability
Dell EMC PowerStore environments (PowerStore X) versions prior to 1.0.3.0.5.007 contain an OS command injection vulnerability [1]. The vulnerability exists in the PowerStore X environment and requires that the attacker has local authentication.
Exploitation
A locally authenticated attacker with high privileges can exploit this vulnerability due to insufficient input validation. The attack complexity is high (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H), and no user interaction is required. The attacker can inject arbitrary OS commands.
Impact
Successful exploitation allows execution of arbitrary OS commands on the underlying operating system, potentially leading to full system compromise [1].
Mitigation
Dell has released a fix in version 1.0.3.0.5.007 [1]. Users should update to this version or later. No workarounds are mentioned.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <1.0.3.0.5.006
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.dell.com/support/kbdoc/000180775mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.