1 Rookie
•
5 Posts
0
182
July 8th, 2025 05:31
Questions Regarding Recent Vulnerability in DELL EMC Unity Series
Dear Support
Greetings,
Regarding the recent vulnerability identified in DELL EMC Unity series devices (CVE-2025-23838), I have two questions:
1. Is version 5.4.1, which was released in September 2024, affected by this vulnerability?
2. Considering that version 5.5 has already been released, is there a specific reason why it has not yet been introduced as a Target Version?
Thank you in advance for your support.
Best regards
No Events found!
DELL-Josh Cr
Moderator
•
9.2K Posts
0
July 8th, 2025 15:45
It depends on if you value fixing the security over long term testing of 5.4. If the rest of your security measures are preventing remote access then the risk of staying on 5.4 is low. If it is accessed remotely 5.5 is safer even if it doesn't have the longebity to be the recommended version.
DELL-Josh Cr
Moderator
•
9.2K Posts
0
July 8th, 2025 12:33
Hi,
Thanks for your question.
Where are you seeing that it is affected? I don’t see it on our security advisories page https://www.dell.com/support/security/en-us
Let us know if you have any additional questions.
Siahsefid
1 Rookie
•
5 Posts
0
July 8th, 2025 12:49
@DELL-Josh Cr
Sorry it wat typing mistake
I mean CVE-2025-24383
Which was an critical CVE in all of unity devices.
Should we upgarde to 5.5 or 5.4.1 is ok and not vulnerable?
Best regards.
DELL-Josh Cr
Moderator
•
9.2K Posts
1
July 8th, 2025 12:57
https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities it is fixed in 5.5.0.0.5.259
Siahsefid
1 Rookie
•
5 Posts
0
July 8th, 2025 13:08
@DELL-Josh Cr
Sorry again.
So if it is fixed in 5.5.0.0.5.259.
Why it is not as a Target or Recommenced code version?
Is there any risk to upgarde from 5.4 to 5.5??
Coz in order to your last comment every OE version lower than 5.5 is Vulnerable!
DELL-Josh Cr
Moderator
•
9.2K Posts
0
July 8th, 2025 13:14
https://www.dell.com/support/product-details/en-us/product/unity-family/drivers it is showing recommended. You should upgrade, there shouldn’t be any issues upgrading from 5.4.
Siahsefid
1 Rookie
•
5 Posts
0
July 8th, 2025 13:31
@DELL-Josh Cr
https://www.dell.com/support/kbdoc/en-us/000020641/dell-emc-unity-oe-revision-matrix
In this link as the commpany said the 5.5 version is not bold!
Which means that it is not recommended.
DELL-Josh Cr
Moderator
•
9.2K Posts
0
July 8th, 2025 13:50
It might not meet the other requirements for being recommended.
Siahsefid
1 Rookie
•
5 Posts
0
July 8th, 2025 14:45
@DELL-Josh Cr
Finally it is recommended or not??
Ethanjohn125
1 Rookie
•
6 Posts
0
July 9th, 2025 11:15
Thanks for raising these important questions. Clarifying whether version 5.4.1 is affected by CVE-2025-23838 is crucial for current deployments. Also curious about the delay in promoting 5.5 as a Target Version would be helpful to understand if stability or compatibility concerns are behind it. Looking forward to official input.
DELL-Josh Cr
Moderator
•
9.2K Posts
0
July 9th, 2025 14:00
There is no delay in promoting 5.5, it is using the normal process.