Description
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
Published: 2026-03-11
Score: 2.5 Low
EPSS: < 1% Very Low
KEV: No
Impact: Information Exposure
Action: Patch
AI Analysis

Impact

Dell Alienware Command Center (AWCC) prior to version 6.12.24.0 has an improper certificate validation flaw that can lead to the disclosure of sensitive information. The weakness is due to inadequate verification of SSL/TLS certificates during application communication. An attacker who gains local or low level privileges on the affected system can exploit this flaw and access data that should otherwise be protected, resulting in compromise of confidentiality.

Affected Systems

The vulnerability affects Dell Alienware Command Center (AWCC) versions earlier than 6.12.24.0. In particular, any installation of AWCC before the 6.12.24.0 release on Dell Alienware systems is exposed.

Risk and Exploitability

The CVSS score of 2.5 indicates a low severity security flaw, and the EPSS score of less than 1% signifies a very low probability of exploitation. This vulnerability is not listed in the CISA KEV catalog, indicating no known large-scale or targeted exploitation. The attack vector is local: an attacker must have at least low privileged access to the machine, so remote exploitation is not possible.

Generated by OpenCVE AI on March 20, 2026 at 15:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Dell Alienware Command Center to version 6.12.24.0 or newer as distributed by Dell.
  • If an upgrade is not immediately available, verify that the system’s certificate validation settings are not overridden and that no compromised certificates are used.
  • Monitor Dell support resources for any additional patches or advisories.

Generated by OpenCVE AI on March 20, 2026 at 15:09 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 20 Mar 2026 15:45:00 +0000

Type Values Removed Values Added
Title Improper Certificate Validation in Dell Alienware Command Center Enables Local Information Exposure

Mon, 16 Mar 2026 20:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:dell:alienware_command_center:*:*:*:*:*:*:*:*

Thu, 12 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell alienware Command Center
Vendors & Products Dell
Dell alienware Command Center

Wed, 11 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
Description Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
Weaknesses CWE-295
References
Metrics cvssV3_1

{'score': 2.5, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N'}

Subscriptions

Dell Alienware Command Center
cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-03-11T20:07:12.147Z

Reserved: 2026-01-23T06:07:21.818Z

Link: CVE-2026-24508

cve-icon Vulnrichment

Updated: 2026-03-11T20:07:07.692Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-11T20:16:14.400

Modified: 2026-03-16T20:36:45.663

Link: CVE-2026-24508

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-20T15:29:28Z

Weaknesses