On Monday, a team of researchers revealed two critical security flaws it found in Dell Wyse Thin Client devices that could have allowed attackers to remotely execute malicious code and access arbitrary files on affected devices.
Discovered by CyberMDX, a company that specializes in healthcare cybersecurity, the flaws can be leveraged to access arbitrary files on affected devices and execute malicious code.
Dell Wyse Thin Client is a small form-factor PC series that runs an operating system named ThinOS, which Dell advertises as “the most secure thin client operating system.” According to CyberMDX, more than 6,000 organizations use these products in the United States alone, including many healthcare providers.
The researchers observed that the local FTP server used by Wyse Thin Client devices to obtain new firmware, packages and configurations is, by default, accessible without credentials, allowing anyone on the network to access it.
An attacker could access an INI file stored on this server that contains configuration data for thin client devices and make modifications to that file.
“The INI files contain a long list of configurable parameters detailed on more than 100 pages by official Dell documentation,” CyberMDX explained in its advisory. “Reading or altering those parameters opens the door to a variety of attack scenarios. Configuring and enabling VNC for full remote control, leaking remote desktop credentials, and manipulating DNS results are some of the scenarios to be aware of.”
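Because the INI file on the FTP server can be altered by anyone on the network, one defensive check is to compare the served file against a known-good copy kept elsewhere and flag changes that touch the scenarios the advisory names. The following is an added example, not code from CyberMDX or Dell; it assumes a simplified `Key=Value` line format, and the parameter names and sample files are constructed placeholders, not real ThinOS parameters.

```python
import hashlib

# Keywords drawn from the scenarios the advisory names (VNC, remote desktop
# credentials, DNS). Substring matching on keys is an assumption of this sketch.
SENSITIVE = ("vnc", "dns", "password", "rdp")

def parse_ini(text):
    """Parse simplified 'Key=Value' lines; '#' and ';' start comment lines."""
    params = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        params[key.strip().lower()] = value.strip()
    return params

def diff_config(baseline_text, current_text):
    """Return (key, change, sensitive) for every parameter that differs."""
    old, new = parse_ini(baseline_text), parse_ini(current_text)
    findings = []
    for key in sorted(old.keys() | new.keys()):
        if old.get(key) == new.get(key):
            continue
        change = "added" if key not in old else "removed" if key not in new else "modified"
        findings.append((key, change, any(word in key for word in SENSITIVE)))
    return findings

def digest(text):
    """SHA-256 of the file content, for a cheap 'anything changed?' test."""
    return hashlib.sha256(text.encode()).hexdigest()

# Constructed sample data; parameter names are hypothetical placeholders.
BASELINE = """\
; known-good copy kept off the FTP server
ExampleVncEnable=no
ExampleDnsServer=10.0.0.53
ExampleTimeZone=UTC
"""
CURRENT = """\
ExampleVncEnable=yes
ExampleVncPassword=changed
ExampleDnsServer=203.0.113.7
ExampleTimeZone=UTC
"""

if __name__ == "__main__":
    if digest(BASELINE) != digest(CURRENT):
        for key, change, sensitive in diff_config(BASELINE, CURRENT):
            print("ALERT" if sensitive else "info", change, key)
```

The baseline has to live somewhere the unauthenticated FTP server cannot overwrite, otherwise the comparison proves nothing.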