Insufficiently Protected Credentials Vulnerability in Dell iDRAC10
CVE-2026-35155

7.1HIGH

Key Information:

Vendor: Dell
Status: Idrac10
Vendor: CVE Published:; 29 April 2026

What is CVE-2026-35155?

The Dell iDRAC10 series, specifically the versions 1.20.70.50 and 1.30.05.10, is affected by a vulnerability that allows an authenticated low-privileged attacker to exploit a race condition. This exploitation could lead to elevated access, presenting risks to system integrity and security. Users are advised to review security updates and implement necessary measures to mitigate this flaw.

Affected Version(s)

iDRAC10 0 < 1.30.10.50 or later

References

https://www.dell.com/support/kbdoc/en-us/000452298/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 29, 2026
Vulnerability Reserved
Apr 1, 2026

CVE-2026-35155 Data

JSON