What is the CVSS score of CVE-2026-44274?

CVE-2026-44274 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Dell Wyse Management Suite are affected by CVE-2026-44274?

Dell Wyse Management Suite versions prior to 2605 contain a privilege escalation vulnerability (CVE-2026-44274) that allows unprivileged local users to gain unauthorized access to sensitive system…. A patch is available.

How to fix or mitigate CVE-2026-44274?

Within 24 hours: Inventory all Dell WMS deployments and identify instances running versions prior to 2605; restrict local user login access to WMS systems to essential personnel only. Within 7 days: Implement mandatory access controls and file integrity monitoring on affected WMS servers; enable alerting for unauthorized file access attempts and symlink operations; isolate WMS systems to dedicated network segments where feasible. Within 30 days: Upgrade all affected instances to Dell WMS version 2605 or later once available; conduct post-upgrade validation testing.

Dell Wyse Management Suite CVE-2026-44274

EUVD-2026-38341 HIGH

Improper Link Resolution Before File Access (CWE-59)

2026-06-22 dell

GHSA-8qxf-7fxx-743x

Authentication Bypass Dell Wyse Management Suite Wms

7.8

CVSS 3.1 · Vendor: dell

Severity by source

Vendor (dell) PRIMARY

7.8 HIGH

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

vuln.today AI

7.8 HIGH

Local logon required (AV:L) with a standard user account (PR:L); symlink primitive is reliable (AC:L) and the privileged WMS service operation yields full CIA impact on the host.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (dell).

CVSS VectorVendor: dell

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch available

Jun 22, 2026 - 21:02 EUVD

Analysis Generated

Jun 22, 2026 - 20:15 vuln.today

DescriptionCVE.org

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Link Resolution Before File Access vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

AnalysisAI

Local privilege-bound symlink abuse in Dell Wyse Management Suite (WMS) versions prior to 2605 allows a low-privileged local user to gain unauthorized access to files or resources they should not reach. The flaw is rooted in improper link resolution before file access (CWE-59), and while no public exploit has been identified at time of analysis, the CVSS 7.8 score reflects full confidentiality, integrity, and availability impact once the local prerequisite is met.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Obtain low-privileged local account on WMS host

Delivery

Identify WMS-writable directory and target file

Exploit

Plant symbolic link pointing at protected resource

Execution

WMS service follows link during file operation

Persist

Privileged read/write/delete on attacker-chosen target

Impact

Escalate to administrator or exfiltrate sensitive data

Access

Obtain low-privileged local account on WMS host

Delivery

Identify WMS-writable directory and target file

Exploit

Plant symbolic link pointing at protected resource

Execution

WMS service follows link during file operation

Persist

Privileged read/write/delete on attacker-chosen target

Impact

Escalate to administrator or exfiltrate sensitive data

Vulnerability AssessmentAI

Exploitation	Attacker must already have interactive or remote-shell local logon to the Windows host running Dell Wyse Management Suite prior to 2605, with a standard (non-administrator) user account that can create files and symbolic links in a directory touched by the WMS service. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	The CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H is internally consistent with a local low-privileged user achieving full CIA impact, which is the classic signature of a local privilege escalation via symlink abuse rather than a remote network exploit. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	A low-privileged local user on a Windows server hosting Dell Wyse Management Suite (for example, a help-desk operator account or a compromised service account) plants a symbolic link in a directory the WMS service writes to, pointing at a sensitive system file or a configuration file owned by SYSTEM. When the WMS service next performs its file operation, it follows the link and reads, overwrites, or deletes the attacker-chosen target, yielding privilege escalation or disclosure of protected data. …
Remediation	Vendor-released patch: upgrade Dell Wyse Management Suite to version 2605 or later per Dell DSA-2026-247 (https://www.dell.com/support/kbdoc/en-us/000472001/dsa-2026-247), which is the primary and recommended fix. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Dell WMS deployments and identify instances running versions prior to 2605; restrict local user login access to WMS systems to essential personnel only. …

Threat intelligence, references, and detailed analysis are available after sign-in.