HIGH🇵🇱 Wersja polska

CVE-2026-23862

CVSS 7.8v3.1pub. 2026-03-16upd. 2026-06-02

Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Dell Thinos

    OS
    Dell
    2602 – 2602.10.0573 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-43728CRITICAL9.6PL ✓ten sam produkt

Obejście mechanizmu ochrony w Dell ThinOS 10 (Auth Bypass)

CVE-2026-40715HIGH7.8ten sam produkt

Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access Control vulnerability. A l...

CVE-2025-43730HIGH8.4ten sam produkt

Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in ...

CVE-2025-43729HIGH7.8ten sam produkt

Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for Critical Resou...

CVE-2025-43882HIGH7.8ten sam produkt

Dell ThinOS 10, versions prior to 2508_10.0127, contains an Unverified Ownership vulnerability. A local low-pr...