Arbitrary access vulnerabilities found in Dell Wyse thin clients

Researchers have discovered two vulnerabilities in Dell Wyse thin clients.

If attackers exploited these vulnerabilities on the devices, they could gain access to arbitrary files.

Under the Common Vulnerability Scoring System, the vulnerabilities received a score of 10, the highest and most severe rating possible.

CyberMDX, a healthcare cyber security provider, posted the detailed findings on the company’s official blog.

An unauthorised third party could exploit the vulnerability to run malicious code and access arbitrary files on every machine that is affected by it.

Dell Wyse ThinOS 8.6 is the operating system that the thin clients run on.

Wyse has been developing thin clients since the 1990s.

Many healthcare providers choose to run Dell Wyse thin clients inside their networks.

In response to the situation, Dell has remediated the vulnerabilities.

The first vulnerability, dubbed CVE-2020-29491, allows users to connect to a configuration server and view the configuration settings of other clients.

This includes sensitive data such as passwords.

The second vulnerability is dubbed CVE-2020-29492 and allows server access as well as the alteration of configuration settings of other thin clients.

Thin client devices are small computers set up to establish a remote desktop connection to other hardware.

Elad Luz, head of research at CyberMDX, believes that security is often overlooked when it comes to these devices.

The default configuration allows anyone to access the FTP server and modify the INI file that stores configuration settings for the devices.
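As a defender-side illustration, added here and not taken from the original article or from Dell's or CyberMDX's material: a Python audit that reads FTP transfer logs in an assumed vsftpd-style format (the sample lines, client addresses and INI paths are constructed) and flags anonymous logins, anonymous reads of client INI files, and any successful INI upload or deletion, which is the activity the two CVEs describe.

```python
import re
from typing import Dict, List

# Assumed log format: a vsftpd-style transfer log. The lines and paths below are
# constructed for this example, not copied from a real configuration server.
LINE_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} +\d+ [\d:]+ \d{4}) \[pid \d+\] \[(?P<user>[^\]]*)\] '
    r'(?P<status>OK|FAIL) (?P<action>LOGIN|DOWNLOAD|UPLOAD|DELETE): '
    r'Client "(?P<client>[^"]+)"(?:, "(?P<path>[^"]+)")?'
)

SAMPLE_LOG = [
    'Mon Dec 21 10:00:00 2020 [pid 1234] [anonymous] OK LOGIN: Client "10.0.0.5", anon password "ftp@example.com"',
    'Mon Dec 21 10:00:02 2020 [pid 1234] [anonymous] OK DOWNLOAD: Client "10.0.0.5", "/config/ws-0042.ini", 2048 bytes, 12.00Kbyte/sec',
    'Mon Dec 21 10:00:05 2020 [pid 1234] [anonymous] OK UPLOAD: Client "10.0.0.5", "/config/ws-0042.ini", 2110 bytes, 10.00Kbyte/sec',
    'Mon Dec 21 10:01:00 2020 [pid 1300] [wyseadmin] OK LOGIN: Client "10.0.0.9"',
    'Mon Dec 21 10:01:10 2020 [pid 1300] [wyseadmin] OK DOWNLOAD: Client "10.0.0.9", "/config/firmware.bin", 100 bytes, 1.00Kbyte/sec',
    'Mon Dec 21 10:02:00 2020 [pid 1350] [anonymous] FAIL UPLOAD: Client "10.0.0.7", "/config/ws-0001.ini"',
]

def parse_line(line: str) -> Dict[str, str]:
    """Return the named fields of one log line, or {} if it does not match the format."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else {}

def audit_config_server_log(lines: List[str]) -> List[Dict[str, str]]:
    """Flag anonymous sessions and every successful change to a client INI file."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if not rec or rec["status"] != "OK":  # failed attempts are out of scope here
            continue
        anon = rec["user"].lower() in ("anonymous", "ftp")
        is_ini = (rec.get("path") or "").lower().endswith(".ini")
        if anon and rec["action"] == "LOGIN":
            findings.append({**rec, "severity": "medium", "why": "anonymous login to config server"})
        elif anon and is_ini and rec["action"] == "DOWNLOAD":
            findings.append({**rec, "severity": "high", "why": "anonymous read of a client INI (may contain passwords)"})
        elif is_ini and rec["action"] in ("UPLOAD", "DELETE"):
            sev = "critical" if anon else "high"
            findings.append({**rec, "severity": sev, "why": f"client INI changed by {rec['user']}"})
    return findings

if __name__ == "__main__":
    for f in audit_config_server_log(SAMPLE_LOG):
        print(f"{f['severity']:8} {f['ts']} {f['client']} {f['why']}")
```

On the sample log this reports three findings: the anonymous login, the anonymous read of ws-0042.ini and the anonymous overwrite of the same file; the failed upload and the authenticated administrator session are not flagged.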

Craig Young, security researcher at Tripwire, said that the model of devices pulling configurations from a shared anonymous FTP server would not seem out of place 20 or 30 years ago.

Nevertheless, numerous healthcare providers still operate their networks in such a manner, which is a cause for concern.