CVE-2026-44274
Analyzed Analyzed - Analysis Complete

Dell Wyse Management Suite Improper Link Resolution

Vulnerability report for CVE-2026-44274, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-22

Last updated on: 2026-06-26

Assigner: Dell

Description

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Link Resolution Before File Access vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-22
Last Modified
2026-06-26
Generated
2026-07-13
AI Q&A
2026-06-22
EPSS Evaluated
2026-07-11
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
dell wyse_management_suite to 2605 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-59 The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Impact Analysis

This vulnerability can lead to unauthorized access by a low privileged attacker with local access. The attacker could potentially read, modify, or delete sensitive files or data, which could compromise the confidentiality, integrity, and availability of the system.

Given the CVSS score of 7.8, the impact is considered high, affecting confidentiality, integrity, and availability.

Executive Summary

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contains an Improper Link Resolution Before File Access vulnerability. This means that the software does not correctly handle symbolic links or shortcuts before accessing files, which can be exploited by a low privileged attacker who has local access to the system.

By exploiting this vulnerability, the attacker could gain unauthorized access to files or resources that they should not normally be able to access.

Compliance Impact

The vulnerability in Dell Wyse Management Suite allows a low privileged attacker with local access to gain unauthorized access, which could lead to a breach of confidentiality, integrity, and availability of sensitive data.

Such unauthorized access incidents can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls to protect sensitive personal and health information.

Therefore, exploitation of this vulnerability could result in non-compliance due to potential data breaches or unauthorized data exposure.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44274. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart