What is the CVSS score of CVE-2026-40713?

CVE-2026-40713 has a CVSS 3.1 base score of 6.1 (Medium). CVSS vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.0%.

Is there a patch available for CVE-2026-40713?

Yes, a patch is available for CVE-2026-40713. Update the affected software to the latest version immediately.

Dell ThinOS CVE-2026-40713

EUVD-2026-33977 MEDIUM

Improper Access Control (CWE-284)

2026-06-02 dell

GHSA-972f-c53g-w92c

Authentication Bypass Information Disclosure Dell

6.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Patch available

Jun 02, 2026 - 19:01 EUVD

Analysis Generated

Jun 02, 2026 - 17:34 vuln.today

DescriptionNVD

Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information exposure.

AnalysisAI

Physical access to Dell ThinOS 10 endpoints running versions prior to ThinOS10 2602_10.0765 allows an unauthenticated attacker to bypass access controls, exposing sensitive information with high confidentiality and integrity impact. The flaw, rooted in CWE-284 (Improper Access Control), enables circumvention of authentication or authorization mechanisms at the device level without requiring prior credentials. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory