Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A local unauthenticated user could potentially exploit this vulnerability leading to Elevation of Privileges and Information disclosure.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 27 Aug 2025 22:00:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell thinos
Vendors & Products Dell
Dell thinos

Wed, 27 Aug 2025 14:15:00 +0000

Type Values Removed Values Added
Description Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A local unauthenticated user could potentially exploit this vulnerability leading to Elevation of Privileges and Information disclosure.
Weaknesses CWE-88
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2025-08-28T03:55:24.667Z

Reserved: 2025-04-17T05:03:55.667Z

Link: CVE-2025-43730

cve-icon Vulnrichment

Updated: 2025-08-27T14:09:19.402Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-27T14:15:51.120

Modified: 2025-08-29T16:24:09.860

Link: CVE-2025-43730

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-27T21:57:31Z