PT-2025-13418 · Dell · Dell Unity

Published: 2025-01-06 · Updated: 2025-07-08 · CVE-2025-22398

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Dell Unity versions 5.4 and prior

Description

The issue is an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access can exploit it, potentially leading to arbitrary command execution as root. Exploitation may result in a system takeover by the attacker. The vulnerability is considered critical because it can be leveraged to completely compromise the operating system.

Recommendations

To resolve the issue, upgrade to a version later than 5.4 at the earliest opportunity. As a temporary workaround, consider restricting remote access to the system to minimize the risk of exploitation. Additionally, apply the patch DSA-2025-116 to fix the vulnerability.

Fix

OS Command Injection


Weakness Enumeration

Related Identifiers

BDU:2025-03556
CVE-2025-22398

Affected Products

Dell Unity