PatchSiren cyber security CVE debrief
CVE-2026-54470 Dell CVE debrief
CVE-2026-54470 is an Improper Restriction of XML External Entity Reference vulnerability in Dell Unisphere for PowerMax, version(s) 10.3.0.5 and prior. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. This vulnerability has a CVSS score of 5.3 and a severity of MEDIUM. Security teams should review the CVE record and NVD entry for further details and assess the potential impact on their systems.
- Vendor
- Dell
- Product
- Unisphere for PowerMax
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-10
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-10
- Advisory updated
- 2026-07-10
Who should care
Security teams and administrators responsible for Dell Unisphere for PowerMax systems, especially those with version(s) 10.3.0.5 and prior, should be aware of this vulnerability. They should review the CVE record and NVD entry for further details and assess the potential impact on their systems. Additionally, they should consider applying security updates and monitoring for suspicious activity.
Technical summary
The CVE-2026-54470 vulnerability is classified as an Improper Restriction of XML External Entity Reference. It has a CVSS score of 5.3 and a severity of MEDIUM. The vulnerability allows a low privileged attacker with remote access to potentially exploit it, leading to Unauthorized access. The affected product is Dell Unisphere for PowerMax, version(s) 10.3.0.5 and prior. The CVE record and NVD entry provide additional information on this vulnerability.
Defensive priority
Medium priority due to the potential for unauthorized access. Security teams should prioritize reviewing and applying security updates, restricting access to affected systems, and monitoring for suspicious activity.
Recommended defensive actions
- Review and apply the security update provided by Dell.
- Restrict access to the affected systems.
- Monitor for suspicious activity.
- Inventory and track affected systems.
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
Evidence notes
The CVE record was published on 2026-07-10T13:16:20.550Z and has not been modified since then. The NVD entry is currently Received. This information is based on the NVD entry and the CVE record. The vulnerability affects Dell Unisphere for PowerMax, version(s) 10.3.0.5 and prior. The CVE record and NVD entry provide details on the vulnerability, but additional verification may be necessary to confirm affected deployments and assess potential impact.
Official resources
-
CVE-2026-54470 CVE record
CVE.org
-
CVE-2026-54470 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-10T13:16:20.550Z and has not been modified since then. The NVD entry is currently Received.