Application security, DevSecOps, Vulnerability Management, Patch/Configuration Management

Command execution possible with Dell UnityVSA vulnerability

Dell logo on textured black laptop, close up

HackRead reports that Dell UnityVSA, the software-defined version of the firm's Unity storage system, has been impacted by a severe pre-auth command injection vulnerability, tracked as CVE-2025-36604, which could be exploited to enable command execution without the necessary logins.

Threat actors could harness the flaw, which stems from UnityVSA's faulty login redirect URI management, to inject metacharacters in the URI and execute arbitrary commands, resulting in configuration changes, data access, additional script injections, and system takeovers, according to watchTowr researchers. Both Dell and watchTowr have urged immediate upgrades to UnityVSA versions 5.5.1 or later to address the security issue, with the latter also releasing a "Detection Artefact Generator", which is a Python script that helps identify vulnerable UnityVSA instances. Organizations have also been advised to monitor suspicious redirect URIs, shell executions, and other web access point-adjacent behaviors after patching their systems and using watchTowr's detection tool.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds