CVE Details
Basic Information
| Title | CVE-2025-26476 |
|---|---|
| Type | cve |
| Published | 2025-08-04T18:44:50.332Z |
| Modified | 2025-08-04T19:16:39.758Z |
Product Information
| Vendor | Dell |
|---|---|
| Product | ECS |
| Version | N/A |
CVSS Information
| Base Score | 8.4 (HIGH) |
|---|---|
| Attack Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
AI Analysis
| AI Description | A vulnerability in Dell ECS and ObjectScale allows unauthorized access due to a hard-coded cryptographic key. Local access is required for exploitation. |
|---|---|
| AI Severity | Critical |
| AI Vendor | Dell |
| AI Product | ECS |
| AI Version | 3.8.1.5, 4.0.0.0 |
Affected Products
- Dell ECS N/A
- Dell ObjectScale 4.0.0.0
Additional Information
| CWE List | CWE-321 |
|---|---|
| Source | dell |
Description
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.