ГлавнаяУязвимости → CVE-2025-43730
8.4высокая

CVE-2025-43730

Описание

Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A local unauthenticated user could potentially exploit this vulnerability leading to Elevation of Privileges and Information disclosure.

Затрагиваемое ПО
Dell ThinosDell Latitude 3330Dell Latitude 3420Dell Latitude 3440Dell Latitude 3450Dell Latitude 5440Dell Latitude 5450Dell Latitude 5520Dell Latitude 5530Dell Latitude 5540Dell Latitude 5550Dell Optiplex 3000 tcDell Optiplex 5400 all-in-oneDell Optiplex 7020Dell Optiplex all-in-one 7410Dell Optiplex all-in-one 7420Dell Optiplex micro plus 7010Dell Precision 3260 compactDell Precision 3280Dell Pro 14 pc14250Dell Pro 16 pc16250Dell Pro 16 plus pb16250Dell Pro 24 all-in-oneDell Pro max 14Dell Pro max 16 plus
CVSS
Балл8.4 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.dell.com/support/kbdoc/en-us/000359619/dsa-2025-331