Skip to main content

Dell DDPM CVE-2026-46735

| EUVDEUVD-2026-39410 HIGH
OS Command Injection (CWE-78)
2026-06-25 dell GHSA-7hqh-37x3-vv4j
7.8
CVSS 3.1 · Vendor: dell
Share

Severity by source

Vendor (dell) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
7.8 HIGH

Description confirms local access by a low-privileged attacker (AV:L, PR:L), no user interaction, and command execution yielding full C/I/A impact.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (dell).

CVSS VectorVendor: dell

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jun 25, 2026 - 15:15 vuln.today

DescriptionCVE.org

Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

AnalysisAI

OS command injection in Dell Display and Peripheral Manager (DDPM) for macOS, all versions prior to 2.3, allows a low-privileged local user to inject and execute arbitrary operating-system commands through improperly neutralized special elements (CWE-78). Because the affected component is a privileged peripheral-management utility, successful injection can yield command execution with full impact to confidentiality, integrity, and availability. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local low-priv account on Mac
Delivery
Locate DDPM command-handling input
Exploit
Inject shell metacharacters into OS command
Execution
Application executes injected commands
Impact
Escalate privileges / full host compromise

Vulnerability AssessmentAI

Exploitation Exploitation requires that Dell Display and Peripheral Manager (version below 2.3) be installed on the target macOS host, and that the attacker already possess local access with a low-privileged account (CVSS PR:L, AV:L) - there is no network-facing component and no user interaction is needed (UI:N). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score is 7.8 (High) with vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - local attack vector, low complexity, low privileges required, no user interaction, and high impact across all three security properties. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A low-privileged user (or malware running in that user's context) on a Mac with DDPM installed supplies crafted input containing shell metacharacters to a DDPM function that builds an OS command, causing the application - potentially via a privileged helper - to execute attacker-chosen commands. This gives the attacker code execution and a path to escalate privileges or persist on the host. …
Remediation Vendor-released patch: version 2.3 - upgrade Dell Display and Peripheral Manager for macOS to 2.3 or later, per Dell advisory DSA-2026-267 (https://www.dell.com/support/kbdoc/en-hk/000475656/dsa-2026-267). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all systems running DDPM for macOS and identify versions in use. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-46735 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy