CVE-2026-40636

Summary

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker.

Affected Software

VendorProductVersion RangeStatus
DellECS0 < 4.3.0.0 or lateraffected
DellObjectScale0 < 4.3.0.0 or lateraffected

Weaknesses

  • CWE-798: CWE-798: Use of Hard-coded Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References