CVE-2026-26949
Incorrect Authorization in Dell DDMA Allows Privilege Escalation
Publication date: 2026-03-04
Last updated on: 2026-03-05
Assigner: Dell
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | device_management_agent | to 26.02 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in Dell Device Management Agent (DDMA) versions prior to 26.02 and is an Incorrect Authorization issue. It allows a low privileged attacker who has local access to the system to potentially exploit the vulnerability and gain elevated privileges.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing a low privileged local attacker to elevate their privileges on the affected system. This means the attacker could gain higher-level access than intended, potentially compromising system security.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know