DSA-2026-059: Security Update for Dell Repository Manager Vulnerability
Summary: Dell Repository Manager remediation is available for Uncontrolled Search Path vulnerability that could be exploited by malicious users to compromise the affected system.
Impact
High
Details
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2026-21420 |
Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution and escalation of privileges. |
7.3 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2026-21420 |
Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution and escalation of privileges. |
7.3 |
Produse afectate și măsuri de remediere
|
Product |
Affected Versions |
Remediated Versions |
Link |
|
Dell Repository Manager |
Versions prior to 3.4.8 |
Version 3.4.8 or later |
https://www.dell.com/support/home/drivers/driversdetails?driverId=9CJ0C |
|
Product |
Affected Versions |
Remediated Versions |
Link |
|
Dell Repository Manager |
Versions prior to 3.4.8 |
Version 3.4.8 or later |
https://www.dell.com/support/home/drivers/driversdetails?driverId=9CJ0C |
Revision History
|
Revision |
Date |
Description |
|
1.0 |
2026-02-19 |
Initial Release |
Acknowledgements
Dell would like to thank pwni for reporting this issue.