Main Vulnerability Database SB2026030420

SB2026030420 - Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC)

Published: March 4, 2026

Security Bulletin ID SB2026030420

Severity

Low

Patch available

Number of vulnerabilities 2

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Incorrect default permissions (CVE-ID: CVE-2026-26034)

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect default permissions. A local attacker can load a specially crafted DLL and execute arbitrary code with SYSTEM privileges.

2) Unquoted Search Path or Element (CVE-ID: CVE-2026-26033)

The vulnerability allows a local user to execute arbitrary code the target system.

The vulnerability exists due to unquoted search path or element. A local administrator can execute arbitrary code with SYSTEM privileges.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://jvn.jp/en/jp/JVN56544509/index.html