CVE Details
Basic Information
| Title | CVE-2025-36607 |
|---|---|
| Type | cve |
| Published | 2025-08-04T14:12:56.544Z |
| Modified | 2025-08-04T14:12:56.544Z |
Product Information
| Vendor | Dell |
|---|---|
| Product | Unity |
| Version | N/A |
CVSS Information
| Base Score | 7.8 (HIGH) |
|---|---|
| Attack Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
AI Analysis
| AI Description | Dell Unity versions 5.5 and prior have an OS Command Injection Vulnerability in the svc_nas utility. An authenticated attacker can exploit this to escape the restricted shell and execute arbitrary OS commands with root privileges. |
|---|---|
| AI Severity | High |
| AI Vendor | Dell |
| AI Product | Dell Unity |
| AI Version | 5.5 and prior |
Affected Products
- Dell Unity N/A
Additional Information
| CWE List | CWE-78 |
|---|---|
| Source | dell |
Description
Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.