DSA-2026-211 -: Security Update for Dell Unity, Dell UnityVSA and Dell Unity XT Security Update for Multiple Vulnerabilities

概要: Dell UnityVSA and Dell Unity XT remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

影響

詳細

影響を受ける製品と修復

変更履歴

法的免責事項

対象製品

フィードバックの提供

この記事は次に適用されます：この記事は次には適用されません：この記事は、特定の製品に関連付けられていません。すべての製品パージョンがこの記事に記載されているわけではありません。

他のリソースを確認する

影響

High

詳細

Third-party Component	CVEs	More Information
OpenSSL	CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796	https://nvd.nist.gov/vuln/search

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2026-32659	Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.	7.0	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2026-32660	Dell UnityVSA, version(s) 5.5.3 and prior, contain(s) an Observable Discrepancy vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2026-32795	Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2026-32796	Dell Unity, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.	8.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2026-32797	Dell Unity, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Information disclosure.	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2026-32798	Dell Unity, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2026-32799	Dell UnityVSA, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.	6.8	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2026-32800	Dell UnityVSA, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.	3.6	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2026-32801	Dell UnityVSA, version(s) 5.5.3 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized command execution.	6.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2026-32659	Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.	7.0	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2026-32660	Dell UnityVSA, version(s) 5.5.3 and prior, contain(s) an Observable Discrepancy vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2026-32795	Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2026-32796	Dell Unity, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.	8.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2026-32797	Dell Unity, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Information disclosure.	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2026-32798	Dell Unity, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2026-32799	Dell UnityVSA, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.	6.8	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2026-32800	Dell UnityVSA, version(s) 5.5.3 and prior, contain(s) an Improper Neutralization of Special Elements vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.	3.6	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2026-32801	Dell UnityVSA, version(s) 5.5.3 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized command execution.	6.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

デル・テクノロジーズでは、すべてのお客様に対して、CVSSベーススコアに加えて、特定のセキュリティの脆弱性に付随する潜在的な重要度に影響する可能性のある現状スコアや環境スコアも考慮することをお勧めしています。

影響を受ける製品と修復

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796, CVE-2026-32659, CVE-2026-32660, CVE-2026-32795, CVE-2026-32796, CVE-2026-32797, CVE-2026-32798, CVE-2026-32799, CVE-2026-32800, CVE-2026-32801	Dell Unity	Dell Unity Operating Environment (OE)	Versions prior to 5.5.4	5.5.4.0.5.037	https://www.dell.com/support/home/en-us/product-support/product/unity-all-flash-family/drivers

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796, CVE-2026-32659, CVE-2026-32660, CVE-2026-32795, CVE-2026-32796, CVE-2026-32797, CVE-2026-32798, CVE-2026-32799, CVE-2026-32800, CVE-2026-32801	Dell Unity	Dell Unity Operating Environment (OE)	Versions prior to 5.5.4	5.5.4.0.5.037	https://www.dell.com/support/home/en-us/product-support/product/unity-all-flash-family/drivers

変更履歴

Revision	Date	Description
1.0	2025-05-29	Initial Release

法的免責事項

対象製品

Dell EMC Unity XT 380, Dell EMC Unity XT 480, Dell EMC Unity XT 680, Dell EMC Unity XT 880, Dell Unity Operating Environment (OE)

文書番号: 000470814

文書の種類: Dell Security Advisory

最終更新: 29 5月 2026

お使いのデバイスがサポートサービスの対象かどうかを確認してください。

DSA-2026-211 -: Security Update for Dell Unity, Dell UnityVSA and Dell Unity XT Security Update for Multiple Vulnerabilities

概要: Dell UnityVSA and Dell Unity XT remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

影響

詳細

影響を受ける製品と修復

変更履歴

関連情報

法的免責事項

対象製品

影響

詳細

影響を受ける製品と修復

変更履歴

関連情報

法的免責事項

対象製品

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポートサービス

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポートサービス

DSA-2026-211 -: Security Update for Dell Unity, Dell UnityVSA and Dell Unity XT Security Update for Multiple Vulnerabilities

概要: Dell UnityVSA and Dell Unity XT remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

詳細記事

影響

詳細

影響を受ける製品と修復

変更履歴

関連情報

法的免責事項

対象製品

影響

詳細

影響を受ける製品と修復

変更履歴

関連情報

法的免責事項

対象製品

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポート サービス

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポート サービス

サポートサービス

サポートサービス