CVE-2026-24502

← CVEs

HIGH 8.8

Published

2026-03-03

Last Modified

2026-03-05

Affected Apps

Affected Devices

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Affected Applications in Environment 12

Dell Color Management v3.3.008.0

1 device

Dell Color Management v3.3.008.0

1 device

Digital Delivery v4.0.92.0

3 devices

Digital Delivery v4.0.51.0

1 device

Digital Delivery v4.0.70.0

1 device

Digital Delivery v4.0.90.0

2 devices

Digital Delivery v4.0.52.0

1 device

SupportAssist OS Recovery v5.5.15.

3 devices

SupportAssist OS Recovery v5.5.14.

1 device

SupportAssist OS Recovery v5.5.12.

2 devices

SupportAssist OS Recovery v3.3.0.4943

1 device

SupportAssist OS Recovery v4.1.0.6828

4 devices

Affected Devices 20

ARSUTLGU4FRRGEO Windows DPAPSB-YOUPING Windows DPBAST-7XKZKM3 Windows DPCBRC-5K1J4M3 Windows DPCBRC-JZTPZ12 Windows DPCBRC-JZTQ7M2 Windows DPHSOB-F3ZFQV3 Windows DPINFT-L23025SB Windows DPLIBR-8KQ4284 Windows DPLIBR-DNXNLL3 Windows DPMATH-F2Q5H63 Windows DPVPRS-9ZXCHR2 Windows DPZEAT-CSRXRF4 Windows DPZECO-DLH0X54 Windows MCCAUTO-01 Windows MCCAUTO-02 Windows MCCAUTO-03 Windows MCCAUTO-04 Windows MCCAUTO-06 Windows UB-V-218HPLC Windows

References 1

https://www.dell.com/support/kbdoc/en-us/000429179/dsa-2026-106