Incorrect Permission Assignment Vulnerability in Dell AppSync
CVE-2026-22768

7.3HIGH

Key Information:

Vendor: Dell
Status: Appsync
Vendor: CVE Published:; 1 April 2026

What is CVE-2026-22768?

Dell AppSync version 4.6.0 contains a vulnerability related to incorrect permission assignments, which can potentially allow low-privileged users with local access to elevate their privileges. This could grant them unauthorized access to critical resources, posing a significant security risk. Users are encouraged to review the provided advisory and implement updates to mitigate the risk.

Affected Version(s)

AppSync 0 < 4.6.1.0 or later

References

https://www.dell.com/support/kbdoc/en-us/000446965/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 1, 2026
Vulnerability Reserved
Jan 9, 2026

Credit

Dell would like to thank Marius Gabriel Mihai for reporting this issue.

CVE-2026-22768 Data

JSON