Description

Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

INFO

Published Date :

2025-03-07T08:06:12.680Z

Last Modified :

2026-02-26T19:09:44.393Z

Source :

dell
AFFECTED PRODUCTS

The following products are affected by CVE-2025-26331 vulnerability.

Vendors Products
Dell
  • Latitude 3420
  • Latitude 3440
  • Latitude 5440
  • Latitude 5450
  • Optiplex 3000 Thin Client
  • Optiplex 5400 All-in-one
  • Optiplex 7410 All-in-one
  • Optiplex 7420 All-in-one
  • Thinos
  • Wyse 5070 Thin Client
  • Wyse 5470 All-in-one Thin Client
  • Wyse 5470 Mobile Thin Client
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-26331.

URL Resource
https://www.dell.com/support/kbdoc/en-us/000289886/dsa-2025-107 cve-icon cve-icon
https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2025-26331 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact