CVE-2026-28265 Dell — Exploit & Vulnerability Details MEDIUM

CVE-2026-28265

MEDIUM CVSS 3.1: 4.4 EPSS 0.01%

Parameter	Value
CVSS	4.4 (MEDIUM)
Type	CWE-35
Vendor	Dell
Public PoC	No

PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files.

Attack Parameters

Attack Vector

Local

Requires local access

Attack Complexity

Low

Easy to exploit

Privileges Required

Low

Basic privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

None

No data leak

Integrity

Low

Partial data modification

Availability

Low

Partial disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-35

Vulnerable Products

dell:powerstore 3000t dell:powerstore 5200t dell:powerstore 7000t dell:powerstore dell:powerstore 9000t dell:powerstore 5200q dell:powerstore 3200q dell:powerstore 1200t dell:powerstore 3200t dell:powerstore 9200t dell:powerstore 5000t dell:powerstore 500t dell:powerstore 1000t

References 1

https://www.dell.com/support/kbdoc/en-us/000444169/dsa-2026-157-dell-powerstore…

security_alert@emc.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-22768

Dell

7.3

CVE-2026-22767

Dell

7.3

CVE-2026-27101

Dell

4.7

CVE-2026-24510

Dell

7.8

CVE-2026-24508

Dell

5.5

Menu

CVE-2026-28265

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products

References 1

Related Vulnerabilities

CVE-2026-22768

CVE-2026-22767

CVE-2026-27101

CVE-2026-24510

CVE-2026-24508

CVE Details

Editor's Choice

Menu

CVE-2026-28265

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products

References 1

Related Vulnerabilities

CVE-2026-22768

CVE-2026-22767

CVE-2026-27101

CVE-2026-24510

CVE-2026-24508

CVE Details

Editor's Choice

Stay informed on cybersecurity