← back
CVE-2026-23856

CVE-2026-23856

CVSS 7.8 HIGHEPSS 0.1%CWE-284
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
12 Feb 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell iDRAC Service Module (iSM) for Windows, versions prior to 6.0.3.1, and Dell iDRAC Service Module (iSM) for Linux, versions prior to 5.4.1.1, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H