CVE-2025-24383
Published: 28 March 2025
Summary
CVE-2025-24383 is a critical-severity OS Command Injection (CWE-78) vulnerability in Dell Unity Operating Environment. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 14.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and SI-10 (Information Input Validation).
Deeper analysis
Dell Unity versions 5.4 and prior contain an OS command injection vulnerability tracked as CVE-2025-24383 and CWE-78. The flaw carries a CVSS 3.1 score of 9.1 and permits improper neutralization of special elements in operating-system commands, enabling manipulation of file-system operations with root privileges.
An unauthenticated attacker with remote network access can exploit the issue to delete arbitrary files on the affected storage system, including critical system files that could lead to denial of service or further compromise.
Dell security advisory DSA-2025-116 addresses the vulnerability and explicitly recommends that customers upgrade Dell Unity, UnityVSA, and Unity XT systems at the earliest opportunity.
The associated EPSS score rose from a low baseline to a peak of 0.1182 on 2026-02-03 before receding to its current value of 0.0246, indicating a period of increased exploitation interest after public disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-8546
Vulnerability details
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to delete arbitrary files. This vulnerability is…
more
considered critical as it can be leveraged to delete critical system files as root. Dell recommends customers to upgrade at the earliest opportunity.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
OS command injection in public-facing Dell Unity storage system enables remote unauthenticated exploitation (T1190), arbitrary command execution via Unix shell (T1059.004), and targeted file deletion for data destruction (T1485).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Timely flaw remediation through vendor-recommended upgrades directly eliminates the OS command injection vulnerability, preventing arbitrary root-level file deletion.
Information input validation neutralizes special elements in inputs to OS commands, directly blocking command injection exploits.
Restricts permitted actions without identification or authentication, limiting unauthenticated remote access to capabilities exploitable for file deletion.