CVE-2026-28265

Summary

PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files.

Affected Software

VendorProductVersion RangeStatus
DellPowerStore0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 500T0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 1000T0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 1200T0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 3000T0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 3200Q0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 3200T0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 5000T0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 5200Q0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 5200T0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 7000T0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 9000T0 < 4.4.0.0-2692403 or lateraffected
DellPowerStore 9200T0 < 4.4.0.0-2692403 or lateraffected

Weaknesses

  • CWE-35: CWE-35: Path Traversal

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References