Description
Dell Storage Manager - Replay Manager for Microsoft Servers, version(s) 8.0, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Published: 2026-04-16
Score: 7.3 High
EPSS: < 1% Very Low
KEV: No
Impact: Elevation of Privilege
Action: Patch Immediately
AI Analysis

Impact

Dell Storage Manager – Replay Manager for Microsoft Servers version 8.0 contains an Improper Privilege Management vulnerability. An attacker who has local, low‑privileged access can exploit the flaw to gain higher privileges on the machine. This elevation allows the attacker to perform actions normally restricted to administrators, potentially compromising system security.

Affected Systems

The vulnerable product is Dell Storage Manager – Replay Manager for Microsoft Servers, version 8.0. No other vendors or product versions are mentioned as affected.

Risk and Exploitability

The CVSS base score of 7.3 indicates a high severity vulnerability. The EPSS score is reported as less than 1%, implying a very low but nonzero probability of exploitation, and the vulnerability is not currently listed in the CISA KEV catalog. Attackers need local, low‑privileged access to leverage the escalation path, which is relatively easy to obtain in environments where user accounts have local rights.

Generated by OpenCVE AI on April 17, 2026 at 04:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install the Dell Security Update DSA‑2026‑058 for Storage Manager v8.0, which removes the improper privilege checks in the Replay Manager for Microsoft Servers.
  • Adjust the accounts that run the Storage Manager service to the minimum required privileges; remove local administrator rights from all non‑essential accounts.
  • Implement Dell’s recommended access‑control hardening, such as disabling unnecessary local services and enforcing strict audit trails for privilege‑related actions.

Generated by OpenCVE AI on April 17, 2026 at 04:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 17 Apr 2026 05:15:00 +0000

Type Values Removed Values Added
Title Improper Privilege Management Vulnerability in Dell Storage Manager Replay Manager

Thu, 16 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 16 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell storage Manager
Vendors & Products Dell
Dell storage Manager

Thu, 16 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
Description Dell Storage Manager - Replay Manager for Microsoft Servers, version(s) 8.0, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Weaknesses CWE-269
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H'}

Subscriptions

Dell Storage Manager
cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-04-17T03:55:13.852Z

Reserved: 2026-01-16T06:05:50.872Z

Link: CVE-2026-23772

cve-icon Vulnrichment

Updated: 2026-04-16T13:03:21.784Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-16T09:16:35.280

Modified: 2026-04-17T15:17:00.957

Link: CVE-2026-23772

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T05:00:05Z

Weaknesses