CVE-2019-3712

Name of the Vulnerable Software and Affected Versions Dell WES Wyse Device Agent versions prior to 14.1.2.9 Dell Wyse ThinLinux HAgent versions prior to 5.4.55 00.10

Description The issue is related to a buffer overflow that can be exploited by an unauthenticated attacker to execute arbitrary code on the system with privileges of the FTP client. This can be achieved by sending specially crafted input data to the affected system. The vulnerable FTP code has been removed.

Recommendations For Dell WES Wyse Device Agent versions prior to 14.1.2.9, update to version 14.1.2.9 or later to resolve the issue. For Dell Wyse ThinLinux HAgent versions prior to 5.4.55 00.10, update to version 5.4.55 00.10 or later to resolve the issue.