PT-2025-31811 · Dell · Dell Unity

Published

2025-08-04

·

Updated

2025-08-09

·

CVE-2025-36606

CVSS v3.1
7.8
VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Dell Unity versions 5.5 and prior
Description Dell Unity versions 5.5 and prior contain an OS Command Injection vulnerability in the
svc nfssupport
utility. An authenticated attacker could potentially exploit this vulnerability to escape the restricted shell and execute arbitrary operating system commands with root privileges.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2025-36606

Affected Products

Dell Unity