CVE-2026-34883
Symbolic Link Privilege Escalation in Portrait Dell Color Management
Publication date: 2026-05-19
Last updated on: 2026-05-19
Assigner: MITRE
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| portrait_displays | color_management | 3.7.0 |
| portrait_displays | color_management | to 3.7.0 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-59 | The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Portrait Dell Color Management application before version 3.7.0 for Dell monitors on Windows. It is a symbolic link vulnerability that allows a local user with low privileges to escalate their privileges to Administrator.
During installation, the software writes a file named CCFLFamily_07Feb11.edr to a specific directory while running with elevated privileges. However, the installer does not properly check if the destination path is a symbolic link or reparse point.
An attacker can exploit this by creating a malicious symbolic link that redirects the file write operation to an arbitrary system location. This enables the attacker to create or overwrite files with elevated privileges.
How can this vulnerability impact me?
This vulnerability can allow a local low-privileged user to escalate their privileges to Administrator on a Windows system running the affected software.
By exploiting the symbolic link vulnerability during installation, an attacker can create or overwrite arbitrary files with elevated privileges, potentially leading to full system compromise.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that the Portrait Dell Color Management application is updated to version 3.7.0 or later, where the symbolic link vulnerability has been addressed.
Additionally, restrict local user permissions to prevent the creation of symbolic links or reparse points in the installation directories, especially under C:\ProgramData\Portrait Displays\CW\data\i1D3\.
Avoid running the installer with elevated privileges unless necessary, and verify the integrity of files and links in the installation path before and after installation.
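One way to carry out the link and permission check described above is the following read-only PowerShell audit. It is an added example, not code from the vendor or from this advisory. The function names `Get-PathChain` and `Get-LinkAudit` are hypothetical, and the only path used is the one named in the mitigation text.

```powershell
# Added example: read-only audit of the data path named in the mitigation text.
$Target      = 'C:\ProgramData\Portrait Displays\CW\data\i1D3'
$ReparseFlag = [int][System.IO.FileAttributes]::ReparsePoint
# CreateFiles / CreateDirectories are the rights needed to plant an entry in a directory.
# Entries that carry only generic-rights bits are not matched by this mask.
$WriteMask   = [int][System.Security.AccessControl.FileSystemRights]'CreateFiles, CreateDirectories'

function Get-PathChain {
    param([string]$Path)
    # Return the path and every ancestor, drive root first.
    $chain = @()
    $current = $Path.TrimEnd('\')
    while ($current) {
        $chain += $current
        $current = Split-Path -Path $current -Parent
    }
    [array]::Reverse($chain)
    $chain
}

function Get-LinkAudit {
    param([string]$Path)
    # Inspect each ancestor directory plus the direct children of the target (files included).
    $items = @(Get-PathChain -Path $Path | ForEach-Object {
        Get-Item -LiteralPath $_ -Force -ErrorAction SilentlyContinue })
    $items += @(Get-ChildItem -LiteralPath $Path -Force -ErrorAction SilentlyContinue)
    foreach ($item in $items) {
        $writers = @()
        if ($item.PSIsContainer) {
            # Identities with an Allow entry that lets them create files or directories here.
            $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction SilentlyContinue
            $writers = @($acl.Access | Where-Object {
                $_.AccessControlType -eq 'Allow' -and
                (([int]$_.FileSystemRights -band $WriteMask) -ne 0)
            } | ForEach-Object { $_.IdentityReference.Value } | Sort-Object -Unique)
        }
        [pscustomobject]@{
            Path           = $item.FullName
            IsReparsePoint = [bool]([int]$item.Attributes -band $ReparseFlag)
            LinkType       = $item.LinkType            # SymbolicLink, Junction, HardLink or empty
            LinkTarget     = $item.Target -join '; '
            CanCreateHere  = $writers -join '; '
        }
    }
}

Get-LinkAudit -Path $Target | Format-Table -AutoSize -Wrap
```

Any row with `IsReparsePoint` set to `True`, or a non-administrative identity listed under `CanCreateHere`, should be reviewed before the installer is run with elevated privileges.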