Description
Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Published: 2026-06-25
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Dell Display and Peripheral Manager for Windows contains an improper access control flaw (CWE‑284). A local user with low privileges could bypass security checks and obtain the ability to execute code on the affected system. This vulnerability directly threatens the confidentiality and integrity of any data or processes accessed by the compromised account.

Affected Systems

The issue is present in Dell Display and Peripheral Manager versions older than 2.3 on Windows operating systems. No other products or versions are listed as affected.

Risk and Exploitability

The vulnerability is scored with a CVSS of 7.8, indicating high severity. The EPSS score is not available and the vulnerability is not currently listed in the CISA KEV catalog. Exploitability requires local, low‑privileged access; therefore, the attack vector is likely local. While it is not known to be actively exploited in the wild, the combination of a high CVSS score and local code execution potential warrants prompt mitigation.

Generated by OpenCVE AI on June 25, 2026 at 15:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Dell Display and Peripheral Manager to version 2.3 or later to fix the improper access control issue.
  • If immediate patching is not possible, restrict low‑privileged local accounts from accessing the DDPM service and consider disabling the application if it is not required for critical operations.
  • Apply any vendor‑issued security settings or workarounds that limit execution privileges for the DDPM program.

Generated by OpenCVE AI on June 25, 2026 at 15:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 25 Jun 2026 16:15:00 +0000

Type Values Removed Values Added
Title Improper Access Control Allows Local Code Execution in Dell Display and Peripheral Manager

Thu, 25 Jun 2026 14:00:00 +0000

Type Values Removed Values Added
Description Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Weaknesses CWE-284
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-06-25T13:17:39.256Z

Reserved: 2026-05-17T17:04:27.066Z

Link: CVE-2026-46733

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-25T16:00:12Z

Weaknesses