Description
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Published: 2026-06-25
Score: 6.7 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A race condition exists in Dell Display and Peripheral Manager for Mac prior to version 2.3. Concurrent execution of shared resources without proper synchronization allows an attacker to manipulate internal data structures. The flaw can lead to an attacker gaining privileges beyond what they initially possess.

Affected Systems

Victims are systems running Dell Display and Peripheral Manager (Mac) versions older than 2.3. The vulnerability is local to the machine and requires the attacker to have low‑privileged local access.

Risk and Exploitability

The CVSS score of 6.7 indicates a moderate to high risk. No EPSS score is available, and the issue is not listed in the CISA KEV catalog. Because the flaw is local, an attacker who can log on or run code as a standard user could exploit the race condition to elevate privileges on the affected machine.

Generated by OpenCVE AI on June 25, 2026 at 15:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Dell Display and Peripheral Manager to version 2.3 or later.
  • If an upgrade is not immediately possible, run the DDPM process with the least privileges required and disable any unnecessary shared resource usage.
  • Restrict local accounts from interacting with DDPM by configuring appropriate permissions or disabling the application when not needed.

Generated by OpenCVE AI on June 25, 2026 at 15:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 25 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Title Race Condition in Dell Display and Peripheral Manager Enables Local Privilege Escalation

Thu, 25 Jun 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 25 Jun 2026 14:00:00 +0000

Type Values Removed Values Added
Description Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Weaknesses CWE-362
References
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-06-25T14:20:46.608Z

Reserved: 2026-05-17T17:04:27.066Z

Link: CVE-2026-46732

cve-icon Vulnrichment

Updated: 2026-06-25T14:19:05.637Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-25T15:30:16Z

Weaknesses
  • CWE-362

    Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')