CVE-2026-21423

Summary

Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect default permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to code execution, denial of service, elevation of privileges, and information disclosure.

Affected Software

VendorProductVersion RangeStatus
DellPowerScale OneFS9.11.0.0 through 9.12.0.1 < 9.13.0.0 or lateraffected
DellPowerScale OneFSVersions prior to 9.10.1.6 < 9.10.1.6 or lateraffected

Weaknesses

  • CWE-276: CWE-276: Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References