CVE-2024-22222

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 12, 2024

Updated: Feb 16, 2024

CWE ID 78

Summary

CVE-2024-22222 is a critical OS Command Injection vulnerability affecting Dell Unity versions below 5.4. Malicious users with local access to the system can exploit this vulnerability in the svc_udoctor utility. Successful exploitation allows the attacker to execute arbitrary OS commands with the privileges of the vulnerable application, potentially causing significant damage to the underlying operating system. This vulnerability poses a serious threat and requires immediate attention and patching from Dell Unity users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Dell Technologies, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uElBm8
https://www.cve.org/CVERecord?id=CVE-2024-22222
https://nvd.nist.gov/vuln/detail/CVE-2024-22222

Back to Vulnerability Database

CVE-2024-22222

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations