CVE-2025-24383
Published: 28 March 2025
Summary
CVE-2025-24383 is a critical-severity OS Command Injection (CWE-78) vulnerability in Dell Unity Operating Environment. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 18.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Timely flaw remediation through vendor-recommended upgrades directly eliminates the OS command injection vulnerability, preventing arbitrary root-level file deletion.
Information input validation neutralizes special elements in inputs to OS commands, directly blocking command injection exploits.
Restricts permitted actions without identification or authentication, limiting unauthenticated remote access to capabilities exploitable for file deletion.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
OS command injection in public-facing Dell Unity storage system enables remote unauthenticated exploitation (T1190), arbitrary command execution via Unix shell (T1059.004), and targeted file deletion for data destruction (T1485).
NVD Description
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to delete arbitrary files. This vulnerability is…
more
considered critical as it can be leveraged to delete critical system files as root. Dell recommends customers to upgrade at the earliest opportunity.
Deeper analysisAI
CVE-2025-24383 is an OS command injection vulnerability (CWE-78) affecting Dell Unity storage systems in versions 5.4 and prior. The flaw stems from improper neutralization of special elements used in an OS command, allowing malicious input to execute arbitrary commands. It has a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H), reflecting its critical severity due to network accessibility, low attack complexity, and lack of prerequisites for exploitation.
An unauthenticated attacker with remote network access can exploit this vulnerability to delete arbitrary files on the targeted system. Successful exploitation enables deletion of critical system files with root privileges, potentially disrupting storage operations, causing denial of service, or leading to data loss through targeted file removal.
Dell's security advisory (DSA-2025-116) recommends that customers upgrade affected Dell Unity, UnityVSA, and Unity XT systems at the earliest opportunity to mitigate the vulnerability, as detailed in the knowledge base article at https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities.
Details
- CWE(s)