Cyber Posture

CVE-2026-21420

High

Published: 23 February 2026
Modified: 24 February 2026
KEV Added: not listed
Patch: available (see DSA-2026-059)
CVSS Score: 7.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0002 (4.7th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-21420 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Dell Repository Manager. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique DLL Search Order Hijacking (T1038). The CVE is ranked at the 4.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to DLL Search Order Hijacking (T1038) and 2 other techniques.

Threat & Defense Details

MITRE ATT&CK Enterprise Techniques (AI-assigned)

T1038 DLL Search Order Hijacking (tactic: Persistence): Windows systems use a common method to look for required DLLs to load into a program.

T1574.002 DLL Side-Loading (tactic: Stealth): Adversaries may execute their own malicious payloads by side-loading DLLs.

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation): Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

CWE-427 (uncontrolled search path element) directly enables DLL or executable search-order hijacking (T1038, T1574.002): a low-privileged local user who can place a file in a directory the application searches gets arbitrary code execution in the application's context, which in turn enables privilege escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution and escalation of privileges.

Deeper analysis (AI-generated)

CVE-2026-21420 is an Uncontrolled Search Path Element vulnerability (CWE-427) in Dell Repository Manager (DRM), affecting versions prior to 3.4.8. Published on 2026-02-23, the issue has a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts with low attack complexity.

A low-privileged attacker with local access can exploit this vulnerability by leveraging the uncontrolled search path, potentially achieving arbitrary code execution and escalation of privileges. Exploitation requires user interaction, such as running a malicious file or executable placed in a searchable path.

Dell's security advisory DSA-2026-059 details a security update addressing this vulnerability in Dell Repository Manager. Practitioners should apply the patch by updating to version 3.4.8 or later to mitigate the risk.

Details

CWE(s): CWE-427 Uncontrolled Search Path Element

Affected Products: Dell Repository Manager, listed as ≤ 3.4.8 (note: the NVD description above states versions prior to 3.4.8 are affected and 3.4.8 is the fixed release; verify the installed version against the Dell advisory)

CVEs Like This One

CVE-2026-24502 (same vendor: Dell)
CVE-2026-3091 (shared CWE-427)
CVE-2024-9492 (shared CWE-427)
CVE-2025-33229 (shared CWE-427)
CVE-2025-52541 (shared CWE-427)
CVE-2026-32655 (same vendor: Dell)
CVE-2026-27102 (same vendor: Dell)
CVE-2025-21105 (same vendor: Dell)
CVE-2026-25906 (same vendor: Dell)
CVE-2026-23857 (same vendor: Dell)

References