CVE-2025-24385
Published: 28 March 2025
Summary
CVE-2025-24385 is a high-severity OS Command Injection (CWE-78) vulnerability in Dell Unity Operating Environment. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 36.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires validation and sanitization of information inputs to OS commands, directly preventing exploitation of improper neutralization of special elements leading to command injection.
Mandates timely identification, reporting, and remediation of software flaws, such as applying Dell's DSA-2025-116 patch to correct the command injection vulnerability.
Enforces least privilege for users and processes, limiting the scope and impact of privilege escalation resulting from successful command injection by a low-privileged local attacker.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
OS command injection (CWE-78) in local low-priv context directly enables arbitrary code execution resulting in privilege escalation.
NVD Description
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation…
more
of privileges.
Deeper analysisAI
CVE-2025-24385 is an Improper Neutralization of Special Elements used in an OS Command, classified as an OS Command Injection vulnerability (CWE-78), affecting Dell Unity versions 5.4 and prior. This flaw exists in the storage system's software, where special elements in OS commands are not properly sanitized, potentially allowing malicious input to alter command execution.
A low-privileged attacker with local access to the system can exploit this vulnerability. Successful exploitation could lead to arbitrary code execution and elevation of privileges, granting the attacker higher-level access on the affected Dell Unity system. The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting high impacts on confidentiality, integrity, and availability with low attack complexity and no user interaction required.
Dell has addressed this issue in DSA-2025-116, a security update for multiple vulnerabilities in Dell Unity, Dell UnityVSA, and Dell Unity XT. Details and patches are available at https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities.
Details
- CWE(s)