Dell’s Wyse ThinOS operating system is vulnerable and endangers series computers. The two gaps are considered ” critical “. After successful attacks, attackers could completely compromise clients.

The security holes (CVE – 2020 – 29491, CVE – 2020 – 29492) have the highest possible CVSS Base Score 10 of 10 classified. They affect all versions of Wyse ThinOS up to and including 8.6. Dell issues a warning that the issue 8.6 MR8 is secured. The computer manufacturer also lists the affected models there.

In a contribution by the discoverers of the gaps in CyberMDX, the security researchers explain what possible attacks could look like. Devices of the Wyse Thin series are compact PCs as virtual desktop solutions that connect to a high-performance server for demanding computing tasks and thus carry out calculations.

The security problem Admins can also manage Wyse thin clients globally over the network – and this is where the security problem lies. A local FTP server is used as standard for remote administration, which provides firmware updates and configuration files, among other things.

This is problematic that the access succeeds without entering log-in data. The firmware files are signed, but this is not the case with INI configuration files. To make matters worse, a certain INI file is writable so that anyone in the network could manipulate this file.

In this way, attackers could manipulate files with comparatively little effort to gain control over clients the security researchers warn.

(des)