CVE Catalog

CVE-2026-41120

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

17th percentile — higher than 17% of all known CVEs

Summary

A vulnerability in Dell Wyse Management Suite (versions prior to WMS 5.5 HF1) involves accepting extraneous untrusted data along with trusted data. This allows a low-privileged attacker with remote access to execute code on the vulnerable system.

Risk Assessment

The risk to the organization includes the possibility of remote code execution by an attacker with low privileges, which could lead to compromise of the management system and potentially managed devices.

Recommendation

It is recommended to immediately update Dell Wyse Management Suite to version WMS 5.5 HF1 or later, which fixes this vulnerability.

Original NVD description (English source)

Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote Code Execution.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS