Improper Access Control in Dell ThinOS Affects Local Privileges
CVE-2026-40715

7.8HIGH

Key Information:

Vendor: Dell
Status: Thinos 10
Vendor: CVE Published:; 2 June 2026

What is CVE-2026-40715?

Dell ThinOS versions prior to ThinOS10 2602_10.0765 are susceptible to a vulnerability that allows a low privileged attacker with local access to escalate their privileges. This exploitation could lead to unauthorized access and manipulation of system configurations, highlighting the need for timely updates and effective security measures.

Affected Version(s)

ThinOS 10 0 < 2602_10.0765_T10

References

https://www.dell.com/support/kbdoc/en-us/000463678/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2026
Vulnerability Reserved
Apr 15, 2026

Credit

Dell would like to thank Brandon Schreiber for reporting this issue.

CVE-2026-40715 Data

JSON