Home

Description

Dell iDRAC Service Module (iSM) for Windows, versions prior to 6.0.3.1, and Dell iDRAC Service Module (iSM) for Linux, versions prior to 5.4.1.1, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

PUBLISHED Reserved 2026-01-16 | Published 2026-02-12 | Updated 2026-02-13 | Assigner dell




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-284: Improper Access Control

Product status

Default status
unaffected

Any version before 5.4.1.1
affected

Any version before 6.0.3.1
affected

Default status
unaffected

Any version before 5.4.1.1
affected

References

www.dell.com/...-for-dell-idrac-service-module-vulnerability vendor-advisory

cve.org (CVE-2026-23856)

nvd.nist.gov (CVE-2026-23856)

Download JSON