CVE-2026-35070

Summary

Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.

Affected Software

VendorProductVersion RangeStatus
DellSmartFabric Storage Software0 < 1.4.5 or lateraffected

Weaknesses

  • CWE-77: CWE-77: Improper Neutralization of Special Elements used in a Command (Command Injection)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References