PT-2025-31811 · Dell · Dell Unity
Published
2025-08-04
·
Updated
2025-08-09
·
CVE-2025-36606
CVSS v3.1
7.8
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
OS Command Injection
Weakness Enumeration
Related Identifiers
Affected Products
Dell Unity
Published
2025-08-04
·
Updated
2025-08-09
·
CVE-2025-36606
7.8
High
| Base vector | Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Dell Unity versions 5.5 and prior
Description:
Dell Unity versions 5.5 and prior contain an OS Command Injection vulnerability in the `svc nfssupport` utility. An authenticated attacker could potentially exploit this vulnerability to escape the restricted shell and execute arbitrary operating system commands with root privileges.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection