Vulnerability Description
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the sensitive information on the local network, leading to the potential compromise of impacted thin clients.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Wyse Thinos | <= 8.6 |
| Dell | Wyse 3040 | - |
| Dell | Wyse 5010 | - |
| Dell | Wyse 5040 | - |
| Dell | Wyse 5060 | - |
| Dell | Wyse 5070 | - |
| Dell | Wyse 5470 | - |
| Dell | Wyse 7010 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000180768/dsa-2020-281Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000180768/dsa-2020-281Vendor Advisory
FAQ
What is CVE-2020-29491?
CVE-2020-29491 is a vulnerability with a CVSS score of 10.0 (CRITICAL). Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the se...
How severe is CVE-2020-29491?
CVE-2020-29491 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-29491?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Wyse Thinos, Dell Wyse 3040, Dell Wyse 5010, Dell Wyse 5040, Dell Wyse 5060.