CVE-2025-36578
Description
Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dell Wyse Management Suite before 5.2 has an incorrect authorization vulnerability allowing low-privileged remote attackers to gain unauthorized access.
Vulnerability
Dell Wyse Management Suite (WMS) versions prior to 5.2 contain an Incorrect Authorization vulnerability [1]. This flaw exists in the proprietary code of WMS [1], allowing a low-privileged authenticated user to access resources or perform actions that should require higher privileges [1]. The vulnerability is present in all versions before WMS 5.2 [1].
Exploitation
An attacker with low privileges and remote access to the WMS instance can exploit this vulnerability [1]. The CVSS vector string (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N) indicates the attack complexity is low, and no user interaction is required [1]. The attacker must already have a low-privileged account on the WMS [1]. Specific exploitation steps are not detailed in the available references, but the nature of an incorrect authorization flaw typically involves sending crafted requests to endpoints that fail to properly verify the user's permission level.
Impact
Successful exploitation leads to unauthorized access, potentially resulting in high confidentiality and high integrity impact [1]. The attacker could read sensitive information (e.g., configuration data, other users' data) and modify data they should not have write access to [1]. Availability is not affected [1]. Given that Dell rated the overall impact as 'High', this vulnerability could enable an attacker to compromise critical WMS functions [1].
Mitigation
Dell has fixed this vulnerability in Wyse Management Suite version 5.2 [1]. All users running WMS prior to 5.2 should upgrade to version 5.2 or later as soon as possible [1]. No workarounds have been published. According to the advisory, this CVE is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <5.2
- Range: N/A
Patches
No patches discovered yet.
References
- [1] www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 (mitre, vendor-advisory)