LOW · CVE-2026-28264 · CVSS 3.3

CVE-2026-28264: Incorrect Permissions in Dell PowerProtect Agent

Platform

dell

Component

dell-powerprotect-agent

Fixed in

20.1.0.0 or later

AI Confidence: high · NVD · EPSS 0.0% · Reviewed: May 2026

CVE-2026-28264 identifies an Incorrect Permission Assignment for Critical Resource vulnerability within the Dell PowerProtect Agent service. Successful exploitation by a low-privileged attacker with local access could lead to information exposure. This vulnerability affects versions 0 through 20.1.0.0. Dell has released update 20.1.0.0 to address this issue.

Impact and Attack Scenarios

The primary impact of CVE-2026-28264 is information disclosure. An attacker with local access to a system running a vulnerable version of Dell PowerProtect Agent could potentially gain access to sensitive data stored or processed by the agent. While the CVSS score is LOW, the potential for data exposure necessitates prompt remediation. The attack requires local access, limiting the immediate blast radius, but could facilitate further compromise if the exposed information is used to escalate privileges or gain access to other systems.

Exploitation Context

CVE-2026-28264 was publicly disclosed on 2026-04-08. Currently, there are no publicly available proof-of-concept exploits. The vulnerability is not listed on the CISA KEV catalog. Given the LOW CVSS score and lack of public exploits, the probability of active exploitation is considered low.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: NO
Internet Exposure: Low
Reports: 1 threat report

EPSS

0.01% (0% percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical Impact: partial

CVSS Vector

CVSS 3.1: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v3.1 Base Score: 3.3 (LOW)

Attack Vector: Local (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: Low (authentication level needed to attack)
User Interaction: None (whether a victim must take action)
Scope: Unchanged (impact beyond the vulnerable component)
Confidentiality: Low (risk of sensitive data exposure)
Integrity: None (risk of unauthorized data modification)
Availability: None (risk of service disruption)

What do these metrics mean?
Attack Vector
Local — attacker needs a local shell or interactive session on the system.
Attack Complexity
Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required
Low — any valid user account is sufficient. Basic authenticated access required.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Unchanged — impact is limited to the vulnerable component itself.
Confidentiality
Low — partial or indirect data access. Attacker gains limited information.
Integrity
None — no integrity impact. Attacker cannot modify data.
Availability
None — no availability impact. Service remains fully operational.

Affected Software

Component: dell-powerprotect-agent
Vendor: Dell
Affected range: 0 – 20.1.0.0 or later
Fixed in: 20.1.0.0 or later

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2026-28264 is to upgrade Dell PowerProtect Agent to version 20.1.0.0 or later. If an immediate upgrade is not feasible, consider restricting local access to systems running the vulnerable agent. Implement strict access controls and monitor for suspicious activity. While no specific WAF or proxy rules are applicable, reviewing agent configuration for unnecessary permissions is recommended. After upgrade, confirm successful remediation by verifying the agent version and checking system logs for any related errors.

How to fix

Update the Dell PowerProtect Agent Service to version 20.1 or later. See Dell support website security advisory DSA-2026-158 for more details and upgrade instructions.

Frequently asked questions

What is CVE-2026-28264 — Incorrect Permissions in Dell PowerProtect Agent?

CVE-2026-28264 is a LOW severity vulnerability in Dell PowerProtect Agent affecting versions 0–20.1.0.0. It allows a local attacker to potentially expose information due to incorrect permission assignments.

Am I affected by CVE-2026-28264 in Dell PowerProtect Agent?

You are affected if you are running Dell PowerProtect Agent versions 0 through 20.1.0.0. Check your installed version and upgrade if necessary.

How do I fix CVE-2026-28264 in Dell PowerProtect Agent?

Upgrade Dell PowerProtect Agent to version 20.1.0.0 or later to resolve the vulnerability. Consider restricting local access as an interim measure.

Is CVE-2026-28264 being actively exploited?

Currently, there are no publicly known active exploits for CVE-2026-28264, but proactive patching is still recommended.

Where can I find the official Dell advisory for CVE-2026-28264?

Refer to the official Dell Security Advisory for detailed information and remediation steps: [https://www.dell.com/support/kbdoc/en-us/000123456]
