CVE-2020-29492
Severity Score
10.0
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the configuration of any target specific station.
Dell Wyse ThinOS versiones 8.6 y anteriores, contienen una vulnerabilidad de configuración predeterminada no segura. Un atacante remoto no autenticado podría potencialmente explotar esta vulnerabilidad para acceder al archivo grabable y manipular la configuración de cualquier estación específica objetivo.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-12-03 CVE Reserved
- 2021-01-04 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-276: Incorrect Default Permissions
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.dell.com/support/kbdoc/en-us/000180768/dsa-2020-281 | 2021-01-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | Wyse Thinos Search vendor "Dell" for product "Wyse Thinos" | <= 8.6 Search vendor "Dell" for product "Wyse Thinos" and version " <= 8.6" | - |
Affected
| in | Dell Search vendor "Dell" | Wyse 3040 Search vendor "Dell" for product "Wyse 3040" | - | - |
Safe
|
| Dell Search vendor "Dell" | Wyse Thinos Search vendor "Dell" for product "Wyse Thinos" | <= 8.6 Search vendor "Dell" for product "Wyse Thinos" and version " <= 8.6" | - |
Affected
| in | Dell Search vendor "Dell" | Wyse 5010 Search vendor "Dell" for product "Wyse 5010" | - | - |
Safe
|
| Dell Search vendor "Dell" | Wyse Thinos Search vendor "Dell" for product "Wyse Thinos" | <= 8.6 Search vendor "Dell" for product "Wyse Thinos" and version " <= 8.6" | - |
Affected
| in | Dell Search vendor "Dell" | Wyse 5040 Search vendor "Dell" for product "Wyse 5040" | - | - |
Safe
|
| Dell Search vendor "Dell" | Wyse Thinos Search vendor "Dell" for product "Wyse Thinos" | <= 8.6 Search vendor "Dell" for product "Wyse Thinos" and version " <= 8.6" | - |
Affected
| in | Dell Search vendor "Dell" | Wyse 5060 Search vendor "Dell" for product "Wyse 5060" | - | - |
Safe
|
| Dell Search vendor "Dell" | Wyse Thinos Search vendor "Dell" for product "Wyse Thinos" | <= 8.6 Search vendor "Dell" for product "Wyse Thinos" and version " <= 8.6" | - |
Affected
| in | Dell Search vendor "Dell" | Wyse 5070 Search vendor "Dell" for product "Wyse 5070" | - | - |
Safe
|
| Dell Search vendor "Dell" | Wyse Thinos Search vendor "Dell" for product "Wyse Thinos" | <= 8.6 Search vendor "Dell" for product "Wyse Thinos" and version " <= 8.6" | - |
Affected
| in | Dell Search vendor "Dell" | Wyse 5470 Search vendor "Dell" for product "Wyse 5470" | - | - |
Safe
|
| Dell Search vendor "Dell" | Wyse Thinos Search vendor "Dell" for product "Wyse Thinos" | <= 8.6 Search vendor "Dell" for product "Wyse Thinos" and version " <= 8.6" | - |
Affected
| in | Dell Search vendor "Dell" | Wyse 7010 Search vendor "Dell" for product "Wyse 7010" | - | - |
Safe
|