CVE-2025-24380
Published: 28 March 2025
Summary
CVE-2025-24380 is a high-severity OS Command Injection (CWE-78) vulnerability in Dell Unity Operating Environment. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004); ranked at the 48.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly addresses improper neutralization of special elements by requiring information input validation at points where user inputs could reach OS commands.
Enables timely remediation of the specific OS command injection flaw through vendor patches as provided in Dell advisory DSA-2025-116.
Mitigates privilege escalation from low-privileged local attackers by enforcing least privilege on accounts that could exploit the injection vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
OS command injection vulnerability directly enables arbitrary command execution via Unix shell (T1059.004) and facilitates local privilege escalation (T1068) for low-privileged users.
NVD Description
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation…
more
of privileges.
Deeper analysisAI
CVE-2025-24380 is an OS Command Injection vulnerability (CWE-78) affecting Dell Unity storage systems in versions 5.4 and prior. The flaw stems from improper neutralization of special elements used in an OS command, allowing malicious input to alter command execution. It has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts with low attack complexity for local, low-privileged users.
A low-privileged attacker with local access to the affected Dell Unity system could exploit this vulnerability to execute arbitrary OS commands and elevate privileges. Successful exploitation would grant the attacker higher-level access, potentially enabling full system compromise, data manipulation, or further lateral movement within the storage environment.
Dell has addressed this issue in security advisory DSA-2025-116, detailed in KB article 000300090, which provides updates for Dell Unity, Dell UnityVSA, and Dell Unity XT systems covering multiple vulnerabilities including CVE-2025-24380. Security practitioners should consult the advisory for patch deployment instructions and verify system versions against the affected range.
Details
- CWE(s)