BURSTDell Technologies has released a critical security update addressing multiple severe vulnerabilities in its Unity enterprise storage systems that could allow attackers to execute arbitrary commands as root, delete critical system files, and perform other malicious activities without authentication.
Security researchers identified sixteen distinct vulnerabilities affecting Dell Unity, Dell UnityVSA, and Dell Unity XT running versions 5.4 and prior, with the most severe receiving a CVSS score of 9.8.
Dell Unity Critical Vulnerabilities
CVE-2025-22398: Remote Root Command Execution
CVE-2025-22398 (CVSS 9.8) allows complete system takeover through unauthenticated remote command execution as root.
Attackers can craft malicious network requests to the Unity API, injecting operating system commands that execute with full administrative privileges.
This vulnerability exposes organizations to ransomware deployment, data exfiltration, and persistent backdoor installation.
Dell’s advisory explicitly states exploitation “may lead to a system take over by an attacker”, with the near-maximum CVSS score reflecting its combination of network accessibility, low attack complexity, and total loss of confidentiality/integrity/availability.
CVE-2025-24383: Privileged File Deletion
CVE-2025-24383 (CVSS 9.1) enables equally dangerous file system destruction through unauthenticated remote deletion of arbitrary files as root.
Attackers could erase critical system binaries, configuration files, or data stores – potentially crippling storage operations or enabling follow-up attacks.
While scored slightly lower due to its narrower Confidentiality Impact (NONE vs HIGH), this vulnerability shares the same attack vector and privilege escalation severity as CVE-2025-22398.
Additional Security Flaws
The security advisory also details CVE-2025-24381, an Open Redirect vulnerability scored at 8.8, which could enable phishing attacks and session theft through malicious redirects.
Further compounding the risk are multiple local privilege escalation vulnerabilities (CVE-2024-49563, CVE-2024-49564, CVE-2024-49565, CVE-2024-49566, CVE-2025-23383, CVE-2025-24377, CVE-2025-24378, CVE-2025-24379, CVE-2025-24380, CVE-2025-24385, CVE-2025-24386) with CVSS scores of 7.8, allowing low-privileged local users to execute commands with root privileges.
Two additional command injection vulnerabilities (CVE-2024-49601 and CVE-2025-24382) with CVSS 7.3 scores enable unauthenticated, remote attackers to execute commands with lower impact levels.
Dell acknowledged security researchers for responsibly disclosing these vulnerabilities: “prowser” discovered the critical remote command injection flaws, while “zzcentury” and “xiaohei” from Ubisectech Sirius Team identified the local privilege escalation vulnerabilities.
Affected Products and Remediation
The vulnerabilities impact Dell’s popular enterprise storage systems, including Unity, UnityVSA, and Unity XT, running versions 5.4 and prior.
Dell has released Dell Unity Operating Environment (OE) Version 5.5.0.0.5.259 as remediation and strongly recommends all customers upgrade immediately.
Organizations using affected Dell Unity systems should assess their exposure, implement the recommended update, and monitor for signs of exploitation while these critical vulnerabilities remain unpatched.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
The post Multiple Dell Unity Vulnerabilities Let Attackers Compromise Affected System appeared first on Cyber Security News.