Cyber Resilience

CVE-2024-49601

High

Published: 28 March 2025

Published
28 March 2025
Modified
08 July 2025
KEV Added
Patch
CVSS Score v3.1 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0116 79.0th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-49601 is a high-severity OS Command Injection (CWE-78) vulnerability in Dell Unity Operating Environment. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 21.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-49601 is an Improper Neutralization of Special Elements used in an OS Command, classified as an OS Command Injection vulnerability (CWE-78), affecting Dell Unity versions 5.4 and prior. This flaw exists in the storage system's software, where special elements in OS commands are not properly sanitized, potentially allowing malicious input to alter command execution.

An unauthenticated attacker with remote network access can exploit this vulnerability with low attack complexity, requiring no privileges or user interaction, and without changing the scope of impact. Successful exploitation could lead to arbitrary command execution on the affected system, with low impacts to confidentiality, integrity, and availability, as reflected in its CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).

Dell has issued security advisory DSA-2025-116, which provides a security update addressing multiple vulnerabilities in Dell Unity, Dell UnityVSA, and Dell Unity XT, including CVE-2024-49601. Practitioners should consult the advisory for patch deployment details and mitigation guidance.

EU & UK References

Vulnerability details

Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

OS command injection in remotely accessible Dell Unity storage system enables unauthenticated remote arbitrary command execution, directly mapping to exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-24382Same product: Dell Unity Operating Environment
CVE-2025-36604Same product: Dell Unity Operating Environment
CVE-2025-22398Same product: Dell Unity Operating Environment
CVE-2025-24383Same product: Dell Unity Operating Environment
CVE-2025-23383Same product: Dell Unity Operating Environment
CVE-2026-22277Same product: Dell Unity Operating Environment
CVE-2025-24385Same product: Dell Unity Operating Environment
CVE-2025-24380Same product: Dell Unity Operating Environment
CVE-2025-24386Same product: Dell Unity Operating Environment
CVE-2024-49564Same product: Dell Unity Operating Environment

Affected Assets

dell
unity operating environment
≤ 5.5.0.0.5.259

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Timely flaw remediation through application of Dell's security update directly prevents exploitation of the OS command injection vulnerability in CVE-2024-49601.

prevent

Information input validation neutralizes special elements in inputs to OS commands, directly mitigating the improper neutralization flaw enabling command injection.

detect

Vulnerability monitoring and scanning identifies the OS command injection vulnerability in Dell Unity systems, enabling prioritized remediation.

References