Skip to main content

Dell EUVDEUVD-2026-25901

| CVE-2026-32655 MEDIUM
Least Privilege Violation (CWE-272)
2026-04-27 dell
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
Low

Lifecycle Timeline

4
Patch released
Apr 28, 2026 - 20:13 nvd
Patch available
Patch available
Apr 27, 2026 - 20:01 EUVD
EUVD ID Assigned
Apr 27, 2026 - 19:00 euvd
EUVD-2026-25901
CVE Published
Apr 27, 2026 - 18:14 nvd
MEDIUM 5.3

DescriptionCVE.org

Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Analysis

Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

More in Dell

View all
CVE-2012-2962 MEDIUM POC
6.5 Jul 30

SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2

CVE-2014-8420 CRITICAL POC
9.0 Nov 25

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before

CVE-2012-3951 HIGH POC
7.5 Jul 31

The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default passwor

CVE-2014-4977 MEDIUM POC
6.5 Jul 16

Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute

CVE-2026-22769 CRITICAL
10.0 Feb 17

Dell RecoverPoint for Virtual Machines prior to 6.0.3.1 HF1 contains hardcoded credentials (CVE-2026-22769, CVSS 10.0) t

CVE-2014-125113 CRITICAL POC
9.3 Aug 05

An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance vers

CVE-2012-2626 MEDIUM POC
5.0 Jul 31

cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not requir

CVE-2014-8272 MEDIUM POC
5.0 Dec 19

The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57

CVE-2017-10955 HIGH
8.8 Oct 19

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection

CVE-2012-2627 CRITICAL POC
9.4 Jul 31

d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote at

CVE-2021-21551 HIGH POC
7.8 May 04

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privile

CVE-2025-36604 HIGH POC
7.3 Aug 04

Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('

Share

EUVD-2026-25901 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy