Platform: dell
Component: dell-storage-manager
Fixed in: 8.0.3
CVE-2026-23772 describes an Improper Privilege Management vulnerability found in Dell Storage Manager - Replay Manager for Microsoft Servers. This flaw allows a low-privileged attacker with local access to potentially escalate their privileges within the system. The vulnerability affects versions 0.0.0 through 8.0.3, and a fix is available in version 8.0.3 or later.
Successful exploitation of CVE-2026-23772 could grant an attacker significantly elevated privileges within the affected system. This could enable them to read, modify, or delete sensitive data, install malicious software, or even take complete control of the server. The local access requirement limits the immediate scope of the attack, but a compromised user account with local access could be leveraged to escalate privileges and gain broader control. The impact is particularly concerning in environments where Dell Storage Manager manages critical data or infrastructure.
CVE-2026-23772 was published on 2026-04-16. The vulnerability's exploitation context is currently unclear; no public proof-of-concept (POC) exploits are known. The CVSS score of 7.3 (HIGH) indicates a significant potential for exploitation. It is not currently listed on KEV or EPSS, suggesting a low to medium probability of active exploitation at this time.
Organizations heavily reliant on Dell Storage Manager - Replay Manager for Microsoft Servers to manage their storage infrastructure are at significant risk. Environments with lax access controls or limited physical security are particularly vulnerable. Shared hosting environments where multiple users share the same server could also be affected.
• linux / server:
journalctl -u dell-storage-manager | grep -i privilege
ps aux | grep -i replay_manager
• generic web:
Check for unusual processes running with elevated privileges using ps aux and compare against known Dell Storage Manager processes.
EPSS: 0.01% (0th percentile)
The primary mitigation for CVE-2026-23772 is to upgrade Dell Storage Manager - Replay Manager for Microsoft Servers to version 8.0.3 or later. If an immediate upgrade is not feasible, consider restricting local access to the system to only authorized personnel. Implement strong password policies and multi-factor authentication to further reduce the risk of unauthorized access. Monitor system logs for suspicious activity that might indicate exploitation attempts. After upgrade, confirm the fix by attempting to execute commands with a low-privileged user account to verify privilege escalation is prevented.
Apply the security update DSA-2026-058 provided by Dell for Dell Storage Manager - Replay Manager for Microsoft Servers to version 8.0.3 or later. This update addresses the improper privilege management vulnerability that could allow elevation of privileges. Consult Dell's documentation for detailed instructions on how to apply the update.
CVE-2026-23772 is a HIGH severity vulnerability in Dell Storage Manager - Replay Manager for Microsoft Servers allowing a low-privileged local attacker to elevate privileges.
You are affected if you are running Dell Storage Manager - Replay Manager for Microsoft Servers versions 0.0.0 through 8.0.3.
Upgrade to Dell Storage Manager - Replay Manager for Microsoft Servers version 8.0.3 or later to resolve this vulnerability.
As of now, there are no known public exploits or active campaigns targeting CVE-2026-23772.
Refer to the official Dell Security Advisory for detailed information and updates regarding CVE-2026-23772.