Rewterz

Gafgyt aka Bashlite Malware – Active IOCs

April 2, 2025
Rewterz

Multiple Mozilla Firefox Vulnerabilities

April 2, 2025

Multiple Dell Wyse Management Suite Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2025-29982 CVSS:6.8

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

CVE-2025-29981 CVSS:7.5

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

CVE-2025-27694 CVSS:5.3

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

CVE-2025-27693 CVSS:4.9

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

CVE-2025-27692 CVSS:4.7

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service, Information disclosure, and Remote execution

Impact

  • Denial of Service
  • Gain Access
  • Code Execution
  • Cross-Site Scripting
  • Information Disclosure

Indicators of Compromise

CVE

  • CVE-2025-29982

  • CVE-2025-29981

  • CVE-2025-27694

  • CVE-2025-27693

  • CVE-2025-27692

Affected Vendors

  • Dell

Affected Products

  • Dell Wyse Management Suite WMS 5.1

Remediation

Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.

Dell Security Advisory

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.