PatchSiren cyber security CVE debrief
CVE-2026-28262 Dell CVE debrief
CVE-2026-28262 is a MEDIUM-severity vulnerability in Dell iDRAC Tools, versions prior to 11.4.1.0. The vulnerability is caused by an Improper Link Resolution Before File Access ('Link Following') issue. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. The CVSS score for this vulnerability is 6. The CVE was published on 2026-06-09T09:16:29.037Z and modified on 2026-06-09T13:53:24.200Z.
- Vendor
- Dell
- Product
- iDRAC Tools
- CVSS
- MEDIUM 6
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Users of Dell iDRAC Tools, versions prior to 11.4.1.0, should apply the necessary updates to mitigate this vulnerability.
Technical summary
The vulnerability exists in Dell iDRAC Tools due to an Improper Link Resolution Before File Access ('Link Following') issue. This could allow a low privileged attacker with local access to potentially exploit the vulnerability, leading to Information tampering.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply the necessary updates to Dell iDRAC Tools to version 11.4.1.0 or later.
- Restrict local access to the system to trusted users only.
Evidence notes
The CVE record [cve-org] and NVD detail [nvd] provide information on the vulnerability. A security update is available from Dell [ref-4].
Official resources
-
CVE-2026-28262 CVE record
CVE.org
-
CVE-2026-28262 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-28262 was published on 2026-06-09T09:16:29.037Z and modified on 2026-06-09T13:53:24.200Z.