Technical Advisory – Arbitrary File Read in Dell Wyse Management Suite (CVE-2021-21586, CVE-2021-21587)

Vendor: Dell Vendor URL: https://www.dell.com/support/home/en-us/product-support/product/wyse-wms/drivers Versions affected: Prior to version 3.3 Systems Affected: Any Author: Stephen Tomkinson stephen.tomkinson@nccgroup.com Advisory URL / CVE Identifier: https://www.dell.com/support/kbdoc/en-us/000189363/dsa-2021-137-dell-wyse-management-suite-wms-security-update-for-multiple-vulnerabilities CVE-2021-21586, CVE-2021-21587 Risk: High – can lead to compromise of administrative sessions Summary Thin clients are often found in secure environments as their diskless operation reduces physical security risks. Wyse Management … Continue reading Technical Advisory – Arbitrary File Read in Dell Wyse Management Suite (CVE-2021-21586, CVE-2021-21587)