Description
Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure.
Published: 2026-06-22
Score: 6 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Dell Wyse Management Suite versions prior to 2605 contain a Use of Default Credentials flaw, identified as CWE-1392. An attacker with local high privileges can log in using factory credentials and gain unauthorized access to management interfaces, potentially exposing configuration data and other sensitive information.

Affected Systems

Dell Wyse Management Suite (WMS) for all releases before 2605.

Risk and Exploitability

The CVSS score of 6 indicates moderate severity. No EPSS score is available, and the vulnerability is not listed in CISA KEV, suggesting limited public exploitation. Since the attack requires local high‑privilege access, the likelihood of exploitation depends on the attacker’s physical or network proximity to the WMS system. If achieved, the information disclosed could assist further attacks against the network or other assets.

Generated by OpenCVE AI on June 22, 2026 at 21:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade WMS to version 2605 or newer, which removes the factory default accounts.
  • Disable or change default credentials on all existing installations and enforce strong password policies.
  • Segregate the management network and restrict local access to only authorized personnel.

Generated by OpenCVE AI on June 22, 2026 at 21:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 22 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
Title Use of Default Credentials in Dell Wyse Management Suite Enables Information Disclosure

Mon, 22 Jun 2026 20:00:00 +0000

Type Values Removed Values Added
Description Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure.
Weaknesses CWE-1392
References
Metrics cvssV3_1

{'score': 6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-06-22T20:38:14.139Z

Reserved: 2026-05-05T17:04:45.713Z

Link: CVE-2026-44273

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-22T21:30:06Z

Weaknesses