Critical
Third-party Component | CVEs | More Information |
Cisco Jabber | CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27780 , CVE-2022-27781, CVE-2022-27782, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-35252, CVE-2022-42916, CVE-2022-42915, CVE-2022-32221, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2024-7264, CVE-2023-46219, CVE-2022-2097, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-4807, CVE-2023-5678, CVE-2024-0727, CVE-2021-38593, CVE-2021-45930, CVE-2022-25255, CVE-2022-25634, CVE-2021-3481, CVE-2023-24607, CVE-2023-32573, CVE-2023-33285, CVE-2023-32762, CVE-2023-32763, CVE-2023-34410, CVE-2023-38197, CVE-2021-28025, CVE-2023-37369, CVE-2023-43114, CVE-2023-51714, CVE-2024-39936, CVE-2023-52355, CVE-2024-25062 | See NVD Link below for individual scores for each CVE. http://nvd.nist.gov/ |
Cisco Webex Meetings VDI | CVE-2024-7264 | See NVD Link below for individual scores for each CVE. http://nvd.nist.gov/ |
Cisco Webex App VDI | CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-4807, CVE-2023-5678, CVE-2024-0727 | See NVD Link below for individual scores for each CVE. http://nvd.nist.gov/ |
Citrix Workspace App | CVE-2020-10029, CVE-2020-6096, CVE-2020-1752, CVE-2020-29562, CVE-2019-25013, CVE-2021-3326, CVE-2021-27645, CVE-2020-27618, CVE-2021-35942, CVE-2021-38604, CVE-2022-23218, CVE-2022-23219, CVE-2023-0687, CVE-2023-4813, CVE-2023-4527, CVE-2001-0034, CVE-2017-11103, CVE-2017-6594, CVE-2017-17439, CVE-2019-12098, CVE-2018-16860, CVE-2022-41916, CVE-2022-44640, CVE-2022-42898, CVE-2021-44758, CVE-2022-3116, CVE-2014-6272, CVE-2013-0340, CVE-2021-29338, CVE-2022-1122, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-7104, CVE-2022-37434 | See NVD Link below for individual scores for each CVE. http://nvd.nist.gov/ |
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2024-53290 |
Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Command execution |
8.4 |
|
CVE-2024-53289 |
Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. |
7.8 |
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2024-53290 |
Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Command execution |
8.4 |
|
CVE-2024-53289 |
Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. |
7.8 |
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Release Date |
Link |
CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27780 , CVE-2022-27781, CVE-2022-27782, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-35252, CVE-2022-42916, CVE-2022-42915, CVE-2022-32221, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2024-7264, CVE-2023-46219, CVE-2022-2097, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-4807, CVE-2023-5678, CVE-2024-0727, CVE-2021-38593, CVE-2021-45930, CVE-2022-25255, CVE-2022-25634, CVE-2021-3481, CVE-2023-24607, CVE-2023-32573, CVE-2023-33285, CVE-2023-32762, CVE-2023-32763, CVE-2023-34410, CVE-2023-38197, CVE-2021-28025, CVE-2023-37369, CVE-2023-43114, CVE-2023-51714, CVE-2024-39936, CVE-2023-52355, CVE-2024-25062 |
ThinOS 2411 |
Cisco Jabber |
Add-on Cisco_Jabber_14.3.1.308744.9 |
Add-on Cisco_Jabber_15.0.0.309289.6 |
11/28/2024 |
ThinOS 2411 (9.5.4070) Cisco Jabber package v15.0.0.309289.6 | Driver Details |
CVE-2024-7264 |
ThinOS 2411 |
Cisco Webex Meetings VDI |
Add-on Cisco_Webex_Meetings_VDI_44.6.2.3.4 |
Add-on Cisco_Webex_Meetings_VDI_44.10.1.3.4 |
11/28/2024 |
ThinOS 2411 (9.5.4070) Cisco Webex Meetings VDI package v44.10.1.3.4 | Driver Details |
CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-4807, CVE-2023-5678, CVE-2024-0727 |
ThinOS 2411 |
Cisco Webex App VDI |
Add-on Cisco_Webex_App_VDI_44.6.0.30048.2 |
Add-on Cisco_Webex_App_VDI_44.10.0.30906.5 |
11/28/2024 |
ThinOS 2411 (9.5.4070) Cisco Webex App VDI package v44.10.0.30906.5 | Driver Details |
CVE-2020-10029, CVE-2020-6096, CVE-2020-1752, CVE-2020-29562, CVE-2019-25013, CVE-2021-3326, CVE-2021-27645, CVE-2020-27618, CVE-2021-35942, CVE-2021-38604, CVE-2022-23218, CVE-2022-23219, CVE-2023-0687, CVE-2023-4813, CVE-2023-4527, CVE-2001-0034, CVE-2017-11103, CVE-2017-6594, CVE-2017-17439, CVE-2019-12098, CVE-2018-16860, CVE-2022-41916, CVE-2022-44640, CVE-2022-42898, CVE-2021-44758, CVE-2022-3116, CVE-2014-6272, CVE-2013-0340, CVE-2021-29338, CVE-2022-1122, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-7104, CVE-2022-37434 |
ThinOS 2411 |
Citrix Workspace App |
Add-on Citrix_Workspace_App_24.2.0.65.17 |
Add-on Citrix_Workspace_App_24.8.0.98.67
|
11/28/2024 |
ThinOS 2411 (9.5.4070) Citrix package v24.8.0.98.67 | Driver Details |
CVE-2024-53290, CVE-2024-53289 |
ThinOS 2411 |
Operating System |
ThinOS 2408 |
ThinOS 2411 |
11/28/2024 |
ThinOS 9.1.3129 or later to ThinOS 2411 (9.5.4070) Upgrade Image file | Driver Details |
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Release Date |
Link |
CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27780 , CVE-2022-27781, CVE-2022-27782, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-35252, CVE-2022-42916, CVE-2022-42915, CVE-2022-32221, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2024-7264, CVE-2023-46219, CVE-2022-2097, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-4807, CVE-2023-5678, CVE-2024-0727, CVE-2021-38593, CVE-2021-45930, CVE-2022-25255, CVE-2022-25634, CVE-2021-3481, CVE-2023-24607, CVE-2023-32573, CVE-2023-33285, CVE-2023-32762, CVE-2023-32763, CVE-2023-34410, CVE-2023-38197, CVE-2021-28025, CVE-2023-37369, CVE-2023-43114, CVE-2023-51714, CVE-2024-39936, CVE-2023-52355, CVE-2024-25062 |
ThinOS 2411 |
Cisco Jabber |
Add-on Cisco_Jabber_14.3.1.308744.9 |
Add-on Cisco_Jabber_15.0.0.309289.6 |
11/28/2024 |
ThinOS 2411 (9.5.4070) Cisco Jabber package v15.0.0.309289.6 | Driver Details |
CVE-2024-7264 |
ThinOS 2411 |
Cisco Webex Meetings VDI |
Add-on Cisco_Webex_Meetings_VDI_44.6.2.3.4 |
Add-on Cisco_Webex_Meetings_VDI_44.10.1.3.4 |
11/28/2024 |
ThinOS 2411 (9.5.4070) Cisco Webex Meetings VDI package v44.10.1.3.4 | Driver Details |
CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3817, CVE-2023-4807, CVE-2023-5678, CVE-2024-0727 |
ThinOS 2411 |
Cisco Webex App VDI |
Add-on Cisco_Webex_App_VDI_44.6.0.30048.2 |
Add-on Cisco_Webex_App_VDI_44.10.0.30906.5 |
11/28/2024 |
ThinOS 2411 (9.5.4070) Cisco Webex App VDI package v44.10.0.30906.5 | Driver Details |
CVE-2020-10029, CVE-2020-6096, CVE-2020-1752, CVE-2020-29562, CVE-2019-25013, CVE-2021-3326, CVE-2021-27645, CVE-2020-27618, CVE-2021-35942, CVE-2021-38604, CVE-2022-23218, CVE-2022-23219, CVE-2023-0687, CVE-2023-4813, CVE-2023-4527, CVE-2001-0034, CVE-2017-11103, CVE-2017-6594, CVE-2017-17439, CVE-2019-12098, CVE-2018-16860, CVE-2022-41916, CVE-2022-44640, CVE-2022-42898, CVE-2021-44758, CVE-2022-3116, CVE-2014-6272, CVE-2013-0340, CVE-2021-29338, CVE-2022-1122, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-7104, CVE-2022-37434 |
ThinOS 2411 |
Citrix Workspace App |
Add-on Citrix_Workspace_App_24.2.0.65.17 |
Add-on Citrix_Workspace_App_24.8.0.98.67
|
11/28/2024 |
ThinOS 2411 (9.5.4070) Citrix package v24.8.0.98.67 | Driver Details |
CVE-2024-53290, CVE-2024-53289 |
ThinOS 2411 |
Operating System |
ThinOS 2408 |
ThinOS 2411 |
11/28/2024 |
ThinOS 9.1.3129 or later to ThinOS 2411 (9.5.4070) Upgrade Image file | Driver Details |
None
Revision |
Date |
Description |
1.0 |
2024-12-02 |
Initial Release |
2.0 |
2024-12-03 |
Updated for enhanced presentation with no change in content. |
3.0 |
2024-12-04 |
Updated Third-party component table section for Cisco Jabber: Updated CVEs: CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-32206, CVE-2022-32207 Updated Affected Products and Remediation table: Updated CVEs: CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-32206, CVE-2022-32207 |
4.0 |
2024-12-10 |
Added Proprietary Code component table section and Updated Affected Products and Remediation table: Added CVEs: CVE-2024-53290, CVE-2024-53289 |