Dell, which pitches its Wyse ThinOS as "the most secure thin client operating system," plans to publish an advisory on Monday for two security vulnerabilities that are as bad as they could possibly be.
CVE-2020-29491 and CVE-2020-29492 are both critical flaws, managing a perfect (although unwelcome) CVSS score of 10 out of 10. The vulnerabilities, which affect all Dell Wyse Thin Clients running ThinOS versions 8.6 or earlier, allow more or less anyone to remotely run malicious code and to access arbitrary files on vulnerable devices.
The issues were identified by security biz CyberMDX, which said in its disclosure, "The profound potential impact of these vulnerabilities coupled with the relative ease of exploitation is what makes them so critical."
Dell Wyse Thin Clients allow companies to provide employees with access to applications via stripped-down, cloud-connected client machines that do most of their computing remotely ..
Support the originator by clicking the read the rest link below.
