{"vulnerability": "CVE-2020-29492", "sightings": [{"uuid": "9cdf9071-91cf-4924-916d-26d9b69c48bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29492", "type": "seen", "source": "https://t.me/Yemen_Shield/684", "content": "Two critical flaws \u2014 CVSS score 10 \u2014 affect several models of Dell Wyse Thin Client devices, allowing attackers to remotely run malicious code and access arbitrary files.\n\nDetails: https://thehackernews.com/2020/12/two-critical-flaws-cvss-score-10-affect.html\n \nCVE-2020-29491\nCVE-2020-29492", "creation_timestamp": "2020-12-22T16:34:26.000000Z"}, {"uuid": "d36f4808-77ce-49d3-8919-f6e45c820314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29492", "type": "seen", "source": "https://t.me/CyberSecurityIL/1439", "content": "\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9:\n\n\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d1-Thin Clients \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea Dell\n\n\u05e9\u05dc\u05d5\u05dd \u05e8\u05d1,\n\n1. \u05d7\u05d1\u05e8\u05ea Dell \u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e9\u05ea\u05d9 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea ( CVE-2020-29492, CVE-2020-29491) \u05e9\u05d4\u05ea\u05d2\u05dc\u05d5 \u05d1\u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 ThinOS, \u05d4\u05de\u05d9\u05d5\u05e2\u05d3\u05ea \u05dc-Thin clients \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n2. \u05de\u05d5\u05de\u05dc\u05e5 \u05dc\u05d1\u05d7\u05d5\u05df \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05df \u05d1\u05d4\u05e7\u05d3\u05dd \u05d0\u05ea \u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d4\u05e2\u05d3\u05db\u05e0\u05d9\u05d5\u05ea \u05e9\u05e4\u05d5\u05e8\u05e1\u05de\u05d5 \u05e2\u05dc-\u05d9\u05d3\u05d9 \u05d4\u05d7\u05d1\u05e8\u05d4.", "creation_timestamp": "2020-12-23T12:55:38.000000Z"}, {"uuid": "a99439a2-f5cf-4fee-bc5b-d44c56379e69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29492", "type": "seen", "source": "https://t.me/CyberGovIL/1019", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d1-Thin Clients \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea Com2750 | Dell\n\n\u05d7\u05d1\u05e8\u05ea Dell \u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e9\u05ea\u05d9 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea ( CVE-2020-29492, CVE-2020-29491) \u05e9\u05d4\u05ea\u05d2\u05dc\u05d5 \u05d1\u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 ThinOS, \u05d4\u05de\u05d9\u05d5\u05e2\u05d3\u05ea \u05dc-Thin clients \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n\u05de\u05d5\u05de\u05dc\u05e5 \u05dc\u05d1\u05d7\u05d5\u05df \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05df \u05d1\u05d4\u05e7\u05d3\u05dd \u05d0\u05ea \u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d4\u05e2\u05d3\u05db\u05e0\u05d9\u05d5\u05ea \u05e9\u05e4\u05d5\u05e8\u05e1\u05de\u05d5 \u05e2\u05dc-\u05d9\u05d3\u05d9 \u05d4\u05d7\u05d1\u05e8\u05d4.", "creation_timestamp": "2020-12-23T11:54:13.000000Z"}, {"uuid": "9b8d9f9e-1929-419f-98e7-73d424d63871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29492", "type": "seen", "source": "https://t.me/CyberGovIL/1083", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d1-Thin Clients \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea Dell\nhttps://www.gov.il/he/departments/publications/reports/dell_thin_clients\n\n\u05d7\u05d1\u05e8\u05ea Dell \u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e9\u05ea\u05d9 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea (CVE-2020-29492, CVE-2020-29491) \u05e9\u05d4\u05ea\u05d2\u05dc\u05d5 \u05d1\u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 ThinOS, \u05d4\u05de\u05d9\u05d5\u05e2\u05d3\u05ea \u05dc-Thin clients \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4. \u05de\u05d5\u05de\u05dc\u05e5 \u05dc\u05d1\u05d7\u05d5\u05df \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05df \u05d1\u05d4\u05e7\u05d3\u05dd \u05d0\u05ea \u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d4\u05e2\u05d3\u05db\u05e0\u05d9\u05d5\u05ea \u05e9\u05e4\u05d5\u05e8\u05e1\u05de\u05d5 \u05e2\u05dc-\u05d9\u05d3\u05d9 \u05d4\u05d7\u05d1\u05e8\u05d4.", "creation_timestamp": "2021-01-07T00:07:41.000000Z"}, {"uuid": "910d57e1-f673-4831-970a-c9900e5d7ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29492", "type": "seen", "source": "https://t.me/cibsecurity/21562", "content": "\u203c CVE-2020-29492 \u203c\n\nDell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the configuration of any target specific station.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-05T00:53:11.000000Z"}, {"uuid": "44e33e13-fd75-49d5-89ce-dae76951358a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29492", "type": "seen", "source": "https://t.me/CyberSecurityIL/524", "content": "\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9:\n\n\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d1-Thin Clients \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea Dell\n\n\u05e9\u05dc\u05d5\u05dd \u05e8\u05d1,\n\n1. \u05d7\u05d1\u05e8\u05ea Dell \u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05e9\u05ea\u05d9 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea ( CVE-2020-29492, CVE-2020-29491) \u05e9\u05d4\u05ea\u05d2\u05dc\u05d5 \u05d1\u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 ThinOS, \u05d4\u05de\u05d9\u05d5\u05e2\u05d3\u05ea \u05dc-Thin clients \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n2. \u05de\u05d5\u05de\u05dc\u05e5 \u05dc\u05d1\u05d7\u05d5\u05df \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05df \u05d1\u05d4\u05e7\u05d3\u05dd \u05d0\u05ea \u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d4\u05e2\u05d3\u05db\u05e0\u05d9\u05d5\u05ea \u05e9\u05e4\u05d5\u05e8\u05e1\u05de\u05d5 \u05e2\u05dc-\u05d9\u05d3\u05d9 \u05d4\u05d7\u05d1\u05e8\u05d4.", "creation_timestamp": "2020-12-23T12:55:38.000000Z"}, {"uuid": "abdd71d8-447d-475f-8c62-05a10521753b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29492", "type": "seen", "source": "https://t.me/information_security_channel/42441", "content": "The giant Dell Wyse is affected by two Critical Vulnerabilities CVE-2020-29491 and CVE-2020-29492 which targets thin client devices. The CyberMDX\u00a0Research team has discovered these vulnerabilities\u00a0on Dell Wyse thin clients, wherein when the vulnerability is exploited, the attackers can run malicious codes remotely and access arbitrary files on the affected devices. What is a thin client? [\u2026]\nThe post Critical Dell Wyse Bugs Let Attackers to Execute Code and Access Files and Credentials (https://gbhackers.com/critical-dell-wyse-bugs/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-12-22T13:47:00.000000Z"}, {"uuid": "2691ca76-93a1-4859-808b-f99a8af51957", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29492", "type": "seen", "source": "https://t.me/thehackernews/949", "content": "Two critical flaws \u2014 CVSS score 10 \u2014 affect several models of Dell Wyse Thin Client devices, allowing attackers to remotely run malicious code and access arbitrary files.\n\nDetails: https://thehackernews.com/2020/12/two-critical-flaws-cvss-score-10-affect.html\n \nCVE-2020-29491\nCVE-2020-29492", "creation_timestamp": "2020-12-21T17:59:56.000000Z"}]}