DSA-2021-096: Dell Wyse Windows Embedded System Security Update for an Improper Authorization Vulnerability
Summary: Dell Wyse Windows Embedded System (WIE10 LTSC 2019) Security update contains remediation for an improper authorization vulnerability.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Medium
Details
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021- 21552 | Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the affected system. | 5.2 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021- 21552 | Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the affected system. | 5.2 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
Affected Products & Remediation
| Product | Affected Versions | Updated Versions | Link to Update | |
|
Dell Wyse 5070 Thin Client |
Versions WIE10 LTSC 2019 and earlier |
Security Update |
|
|
|
Dell Wyse 5470 Thin Client |
Versions WIE10 LTSC 2019 and earlier |
Security Update |
|
|
|
Dell Wyse 5470 All-In-One Thin Client |
Versions WIE10 LTSC 2019 and earlier |
Security Update |
||
| Product | Affected Versions | Updated Versions | Link to Update | |
|
Dell Wyse 5070 Thin Client |
Versions WIE10 LTSC 2019 and earlier |
Security Update |
|
|
|
Dell Wyse 5470 Thin Client |
Versions WIE10 LTSC 2019 and earlier |
Security Update |
|
|
|
Dell Wyse 5470 All-In-One Thin Client |
Versions WIE10 LTSC 2019 and earlier |
Security Update |
||
Revision History
| Revision | Date | Description |
| 1.0 | 2021-05-11 | Initial Release |
Acknowledgements
Dell would like to thank Alessandro Baldini and Alessio D'Anastasio for reporting this issue.
Related Information
Legal Disclaimer
Affected Products
Product Security Information, Wyse 5070 Thin Client, Wyse 5470 All-In-One, Wyse 5470Article Properties
Article Number: 000186134
Article Type: Dell Security Advisory
Last Modified: 18 Sep 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.