VYPR

ThinOS

by Dell

CVEs (17)

  • CVE-2024-53290HigDec 11, 2024
    risk 0.55cvss 8.4epss 0.01

    Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Command execution

  • CVE-2026-40715HigJun 2, 2026
    risk 0.51cvss 7.8epss 0.00

    Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation.

  • CVE-2026-23862HigMar 16, 2026
    risk 0.51cvss 7.8epss 0.00

    Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of…

  • CVE-2025-27688HigMar 18, 2025
    risk 0.51cvss 7.8epss 0.00

    Dell ThinOS 2408 and prior, contains an improper permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

  • CVE-2025-26331HigMar 7, 2025
    risk 0.51cvss 7.8epss 0.01

    Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

  • CVE-2024-53289HigDec 11, 2024
    risk 0.51cvss 7.8epss 0.00

    Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

  • CVE-2024-42427HigSep 10, 2024
    risk 0.49cvss 7.6epss 0.01

    Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges.

  • CVE-2021-21597HigAug 10, 2021
    risk 0.47cvss 7.2epss 0.00

    Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated malicious user with physical access to the system could exploit this vulnerability to read sensitive information written to the log files.

  • CVE-2026-40713MedJun 2, 2026
    risk 0.40cvss 6.1epss 0.00

    Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information exposure.

  • CVE-2024-42423MedSep 10, 2024
    risk 0.40cvss 6.1epss 0.00

    Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and…

  • CVE-2024-28963MedApr 24, 2024
    risk 0.40cvss 6.2epss 0.00

    Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability to read sensitive proxy settings information.

  • CVE-2025-32752MedMay 29, 2025
    risk 0.37cvss 5.7epss 0.00

    Dell ThinOS 2502 and prior contain a Cleartext Storage of Sensitive Information vulnerability. A high privileged attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure.

  • CVE-2021-21598LowAug 10, 2021
    risk 0.25cvss 3.9epss 0.00

    Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. An authenticated attacker with physical access to the system could exploit this vulnerability to read sensitive Smartcard data in log files.

  • CVE-2025-43729Aug 27, 2025
    risk 0.00cvss epss 0.00

    Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Elevation of Privileges and Unauthorized Access.

  • CVE-2025-43730Aug 27, 2025
    risk 0.00cvss epss 0.00

    Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A local unauthenticated user could potentially exploit this vulnerability leading to Elevation of Privileges and…

  • CVE-2025-43882Aug 27, 2025
    risk 0.00cvss epss 0.00

    Dell ThinOS 10, versions prior to 2508_10.0127, contains an Unverified Ownership vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Unauthorized Access.

  • CVE-2025-43728Aug 27, 2025
    risk 0.00cvss epss 0.00

    Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass.