PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-35066 Dell CVE debrief

CVE-2026-35066 is a HIGH-severity vulnerability in Dell PowerFlex Manager, with a CVSS score of 7.1. A low-privileged attacker with remote access could potentially exploit this Improper Access Control vulnerability, leading to a denial of service. The vulnerability was published on 2026-06-17 and modified on 2026-06-18. Dell has released a security update to address this issue. Organizations using affected versions should apply the update to prevent exploitation.

Vendor: Dell
Product: PowerFlex
CVSS: HIGH 7.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-17
Original CVE updated: 2026-06-22
Advisory published: 2026-06-17
Advisory updated: 2026-06-22

Who should care

IT administrators and security teams responsible for Dell PowerFlex Manager systems should be aware of this vulnerability and apply the necessary security updates to prevent exploitation.

Technical summary

The vulnerability is caused by an Improper Access Control issue in Dell PowerFlex Manager. A low-privileged attacker with remote access could potentially exploit this vulnerability, leading to a denial of service. The CVSS vector for this vulnerability is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H.

Defensive priority

High

Recommended defensive actions

  • Apply the security update provided by Dell to address this vulnerability.
  • Restrict remote access to Dell PowerFlex Manager systems to only necessary personnel.
  • Monitor Dell PowerFlex Manager systems for suspicious activity.
  • Implement additional security measures, such as multi-factor authentication, to prevent exploitation.
  • Review and update incident response plans to address potential denial-of-service attacks.
  • Consider implementing a web application firewall to detect and prevent exploitation attempts.

Evidence notes

The information provided is based on data from the NVD and Dell. The CVE record and NVD detail pages provide additional information on this vulnerability.

Official resources

CVE-2026-35066 was published on 2026-06-17 and modified on 2026-06-18.