This report is about two high-value vulnerabilities affecting Dell Wyse ThinOS. The Dell thin client vulnerabilities allow remote attackers the possibility to gain initial access to the network and can provide some lateral movement opportunities. There are patches available for these vulnerabilities on the vendor’s website.
The vulnerabilities have been given the identifying information of CVE-2020-29491 and CVE-2020-29492 respectively. CVE-2020-29491 and CVE-2020-29492 affect thin clients running Dell Wyse ThinOS 8.6 MR8.
CVE-2020-29491 is caused by an unsecured default configuration that allows a remote unauthenticated attacker to gather sensitive information on the local network. This may provide the attacker with the option to compromise the vulnerable thin clients.
CVE-2020-29492 is caused by an insecure default configuration that allows a remote unauthenticated attacker to access a writable file which can be used to manipulate the configuration of that specific thin client.
It is highly encouraged that you implement the vendor patch linked below and ensure that outside access to the thin clients on the network is limited so as to reduce the likelihood of successful exploitation.
Note: The Avertium Threat Report analyzes one current threat that has been shared by threat intelligence networks across the globe. Used internally by the Avertium CyberOps Team, this report will outline a “top-of-mind” threat and how it ought to be addressed accordingly.
This informed analysis is based on the latest data available.