CVE-2026-21420 Dell — Exploit & Vulnerability Details HIGH

CVE-2026-21420

HIGH CVSS 3.1: 7.8 EPSS 0.01%

Parameter	Value
CVSS	7.8 (HIGH)
Affected Versions	before 3.4.8
Fixed In	3.4.8
Type	CWE-427 (Uncontrolled Search Path Element)
Vendor	Dell
Public PoC	No

Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution and escalation of privileges.

Attack Parameters

Attack Vector

Local

Requires local access

Attack Complexity

Low

Easy to exploit

Privileges Required

Low

Basic privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-427 Uncontrolled Search Path Element

Vulnerable Products 1

Configuration	From (including)	Up to (excluding)
Dell Repository_Manager cpe:2.3:a:dell:repository_manager::::::::	—	`3.4.8`

References 1

https://www.dell.com/support/kbdoc/en-us/000430183/dsa-2026-059-security-update…

security_alert@emc.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-22768

Dell

7.3

CVE-2026-22767

Dell

7.3

CVE-2026-28265

Dell

4.4

CVE-2026-27101

Dell

4.7

CVE-2026-24510

Dell

7.8

Menu

CVE-2026-21420

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 1

Related Vulnerabilities

CVE-2026-22768

CVE-2026-22767

CVE-2026-28265

CVE-2026-27101

CVE-2026-24510

CVE Details

Editor's Choice

Menu

CVE-2026-21420

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 1

Related Vulnerabilities

CVE-2026-22768

CVE-2026-22767

CVE-2026-28265

CVE-2026-27101

CVE-2026-24510

CVE Details

Editor's Choice

Stay informed on cybersecurity