Path Traversal Vulnerability in Dell PowerStore
CVE-2026-28265

4.4MEDIUM

Key Information:

Vendor: Dell
Status: Powerstore; Powerstore 500t; Powerstore 1000t; Powerstore 1200t
Vendor: CVE Published:; 1 April 2026

What is CVE-2026-28265?

The PowerStore product by Dell is affected by a path traversal vulnerability which can be exploited by an attacker with low privileges who has local access. This vulnerability may enable unauthorized modification of system files, thereby potentially compromising system integrity and security.

Affected Version(s)

PowerStore 0 < 4.4.0.0-2692403 or later

PowerStore 1000T 0 < 4.4.0.0-2692403 or later

PowerStore 1200T 0 < 4.4.0.0-2692403 or later

References

https://www.dell.com/support/kbdoc/en-us/000444169/dsa-20...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 1, 2026
Vulnerability Reserved
Feb 25, 2026

CVE-2026-28265 Data

JSON