Description
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Published: 2026-04-27
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

Dell Alienware Command Center prior to 6.13.8.0 contains an Execution with Unnecessary Privileges flaw. A local user with limited rights can trigger the vulnerability and run code or processes with elevated privileges, thereby gaining administrative capabilities. The weakness is a classic example of CWE‑250.

Affected Systems

All Dell Alienware Command Center installations running versions earlier than 6.13.8.0 on Windows platforms are affected. The vulnerability was identified in the Dell Alienware Command Center (AWCC) component.

Risk and Exploitability

The CVSS score of 6.7 indicates moderate severity. EPSS data is not available, and the issue is not listed in the CISA KEV catalog, suggesting no documented widespread exploitation. The attack requires local access from a low‑privileged user and is therefore likely to be used in targeted or opportunistic scenarios, allowing the attacker to elevate privileges on the compromised machine.

Generated by OpenCVE AI on April 28, 2026 at 12:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the Dell security update that upgrades AWCC to version 6.13.8.0 or later, which removes the unnecessary privilege.
  • Revoke local user rights that allow execution of AWCC or its services, ensuring only administrators can launch it.
  • Apply local group policy or task‑secref to enforce least‑privilege execution for AWCC processes.

Generated by OpenCVE AI on April 28, 2026 at 12:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:dell:alienware_command_center:*:*:*:*:*:*:*:*

Tue, 28 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation via Unnecessary Privilege in Dell Alienware Command Center
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 28 Apr 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell alienware Command Center
Vendors & Products Dell
Dell alienware Command Center

Mon, 27 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
Description Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Weaknesses CWE-250
References
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Dell Alienware Command Center
cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-04-28T12:44:15.113Z

Reserved: 2026-02-08T18:05:27.450Z

Link: CVE-2026-25908

cve-icon Vulnrichment

Updated: 2026-04-28T12:44:08.125Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-27T18:16:53.360

Modified: 2026-04-28T20:12:53.913

Link: CVE-2026-25908

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T13:00:15Z

Weaknesses