Vulnerability Details CVE-2026-23857
Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.1%
CVSS Severity
CVSS v3 Score 8.2
Products affected by CVE-2026-23857
-
cpe:2.3:a:dell:update_package_framework:23.12.00