VYPR

Wyse ThinOS

by Dell

CVEs (9)

  • CVE-2020-29492CriJan 4, 2021
    risk 0.65cvss 10.0epss 0.02

    Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the configuration of any target specific station.

  • CVE-2020-29491CriJan 4, 2021
    risk 0.65cvss 10.0epss 0.02

    Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the sensitive information on the local network, leading to the potential compromise…

  • CVE-2021-21597HigAug 10, 2021
    risk 0.47cvss 7.2epss 0.00

    Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files.

  • CVE-2022-34402MedOct 10, 2022
    risk 0.44cvss 6.8epss 0.01

    Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service.

  • CVE-2023-32455MedJul 20, 2023
    risk 0.36cvss 5.5epss 0.00

    Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.

  • CVE-2023-32447MedJul 20, 2023
    risk 0.36cvss 5.5epss 0.00

    Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. A malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.

  • CVE-2023-32446MedJul 20, 2023
    risk 0.36cvss 5.5epss 0.00

    Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.

  • CVE-2021-21532MedApr 2, 2021
    risk 0.33cvss 5.0epss 0.00

    Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or…

  • CVE-2021-21598LowAug 10, 2021
    risk 0.25cvss 3.9epss 0.00

    Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. An authenticated attacker with physical access to the system could exploit this vulnerability to read sensitive Smartcard data in log files.