Almost a dozen Dell Wyse thin client models are vulnerable to critical issues that could be exploited by a remote attacker to run malicious code and gain access to arbitrary files.
Thin clients are small form-factor computers used for remote desktop connections to a more powerful system. They are popular with organizations that don't need computers with high processing, storage, and memory on the network.
It is estimated that more than 6,000 organizations, most of them from the healthcare sector, have deployed Dell Wyse thin clients on their networks.
Configuration file at risk
The vulnerabilities (tracked as
CVE-2020-29492 and
CVE-2020-29491) are in components of ThinOS, the operating system on Dell Wyse thin clients.