Incorrect Default Permissions in UPS Multi-UPS Management Console by Dell
CVE-2026-26034

8.5HIGH

Key Information:

Vendor: Dell Inc.
Status: Ups Multi-ups Management Console (mumc)
Vendor: CVE Published:; 5 March 2026

What is CVE-2026-26034?

The UPS Multi-UPS Management Console, version 01.06.0001 (A03) from Dell, is susceptible to an Incorrect Default Permissions vulnerability. This issue enables potentially malicious actors to execute arbitrary code with SYSTEM privileges. The vulnerability arises when the application loads a specially crafted DLL due to inadequate permission configurations, allowing attackers to exploit the system. It is crucial for users to address this security flaw promptly to safeguard against unauthorized access and control.

Affected Version(s)

UPS Multi-UPS Management Console (MUMC) 01.06.0001 (A03)

References

https://www.dell.com/support/home/en-us/drivers/driversde...

https://jvn.jp/en/jp/JVN56544509/

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

CVSS V3.0

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 5, 2026
Vulnerability Reserved
Feb 10, 2026

CVE-2026-26034 Data

JSON

Dell Inc.

What is CVE-2026-26034?

Affected Version(s)

References

CVSS V4

CVSS V3.0

Timeline