CVE-2026-21420
Published: 23 February 2026
Summary
CVE-2026-21420 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Dell Repository Manager. Its CVSS base score is 7.3 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Hijack Execution Flow: DLL (T1574.001). The vulnerability ranks at the 2.9th percentile by exploit likelihood, well below the median, and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).
Deeper analysis
CVE-2026-21420 is an Uncontrolled Search Path Element vulnerability (CWE-427) in Dell Repository Manager (DRM), affecting versions prior to 3.4.8. Published on 2026-02-23, the issue has a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H): local attack vector, low attack complexity, low privileges required and user interaction required, with high impact on confidentiality, integrity and availability.
A low-privileged attacker with local access exploits the flaw by placing a malicious library or executable in a location that DRM searches before the location of the legitimate file. When DRM (or a component it launches) resolves that name, the planted file is loaded and runs with the privileges of the loading process, giving arbitrary code execution and, where that process runs with more rights than the attacker, escalation of privileges. User interaction is required (UI:R): a user must start DRM, or trigger the action that performs the lookup, after the file has been planted.
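To make the precondition concrete, the following audit script is an added example written for this page (it is not Dell's code and is not specific to DRM). It models the Windows DLL search order and lists the positions where a low-privileged user could plant a library that the application would load before the legitimate copy. The `Dir`, `search_order`, `plantable_dirs` and `audit` helpers, the directory names and the library names are all hypothetical; the script goes beyond this CVE by also handling the "phantom" library case (a name the application requests but never ships) and PATH entries that do not exist.

```python
"""Audit a library search order for hijackable positions (CWE-427 / T1574.001).

Added example for this page: not Dell's code and not specific to DRM. It models
the Windows DLL search order (SafeDllSearchMode enabled) and reports the
directories in which a low-privileged user could plant a library that the
application would load before the legitimate copy. All paths below are made up.
"""
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class Dir:
    path: str
    writable: bool                  # can the low-privileged user create files here?
    files: frozenset = frozenset()  # file names present, lower-cased


def search_order(app_dir, system_dirs, cwd, path_entries):
    """Windows DLL search order with SafeDllSearchMode enabled:
    application directory, system directories, current directory, then PATH."""
    order = [app_dir, *system_dirs]
    if cwd is not None:
        order.append(cwd)
    order.extend(path_entries)
    return order


def plantable_dirs(order, lib_name):
    """Return the paths where dropping lib_name would win the search.

    A writable directory only helps an attacker if it precedes the first
    directory that already holds the library. If no directory holds it (a
    'phantom' library), every writable directory on the order is a hijack spot.
    """
    target = lib_name.lower()
    hits = []
    for d in order:
        if target in d.files:
            break               # legitimate copy found; later positions lose
        if d.writable:
            hits.append(d.path)
    return hits


def dir_from_fs(path):
    """Build a Dir from the live filesystem as seen by the current user.

    os.access reflects the caller's own privileges, so run this as the
    low-privileged account you are worried about, not as an administrator.
    """
    if not os.path.isdir(path):
        # A missing PATH entry is plantable when its parent is writable:
        # the attacker simply creates the directory.
        parent = os.path.dirname(path.rstrip("\\/")) or "."
        return Dir(path, os.access(parent, os.W_OK))
    names = frozenset(n.lower() for n in os.listdir(path))
    return Dir(path, os.access(path, os.W_OK), names)


def audit(app_dir, lib_name, path_env=None, system_dirs=(), cwd=None):
    """Audit the live machine: app_dir, optional system dirs, cwd and PATH."""
    path_env = os.environ.get("PATH", "") if path_env is None else path_env
    cwd = os.getcwd() if cwd is None else cwd
    order = search_order(
        dir_from_fs(app_dir),
        [dir_from_fs(d) for d in system_dirs],
        dir_from_fs(cwd),
        [dir_from_fs(p) for p in path_env.split(os.pathsep) if p],
    )
    return plantable_dirs(order, lib_name)


def demo():
    """Constructed scenario (hypothetical paths): the vendor ships helper.dll in
    its install directory, but the user's profile is the current directory and a
    user-writable tools directory sits on PATH."""
    order = search_order(
        Dir(r"C:\Program Files\Vendor\App", False, frozenset({"app.exe", "helper.dll"})),
        [Dir(r"C:\Windows\System32", False, frozenset({"kernel32.dll"}))],
        Dir(r"C:\Users\alice", True),
        [Dir(r"C:\Tools", True), Dir(r"C:\Python", False)],
    )
    return {lib: plantable_dirs(order, lib) for lib in ("helper.dll", "missing.dll")}


if __name__ == "__main__":
    for lib, hits in demo().items():
        print(lib, "->", hits or "not plantable")
```

In the constructed scenario `helper.dll` is safe because the application directory, which is searched first, already holds it, while `missing.dll` can be planted in `C:\Users\alice` or `C:\Tools`. Running `audit()` against a real installation directory answers the question that matters for this CVE: whether any directory searched before the legitimate file is writable by a standard user.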
Dell's security advisory DSA-2026-059 describes the update that addresses this vulnerability. Apply it by upgrading Dell Repository Manager to version 3.4.8 or later. Until the upgrade is applied, verify that the DRM installation directory and any directory on the search path used when DRM starts are not writable by standard users, since a writable location that is searched before the legitimate file is what makes the flaw exploitable.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-7388
Vulnerability details
Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution and escalation of privileges.
- CWE-427: Uncontrolled Search Path Element
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1574.001 Hijack Execution Flow: DLL
- T1068 Exploitation for Privilege Escalation
Why these techniques?
An uncontrolled search path (CWE-427) lets an attacker plant a library or executable that is found before the legitimate one, which is DLL search-order hijacking (T1574.001; the older identifiers T1038 and T1574.002 have been folded into it). Because the planted code runs with the privileges of the process that loads it, the same flaw yields local privilege escalation (T1068).
Affected Assets
Dell Repository Manager (DRM), versions prior to 3.4.8.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): apply the vendor patch and upgrade DRM to 3.4.8 or later, which removes the uncontrolled search path element before it can be exploited.
- AC-6 (Least Privilege): keep local accounts at standard-user rights and do not run DRM with more privilege than it needs, so a low-privileged account cannot write to the searched locations and code loaded through the search path gains little.
- SI-7 (Software, Firmware, and Information Integrity): verify the integrity of executables and libraries, for example through signature checks, so that code planted in an uncontrolled search path is blocked or detected.