Cyber Resilience

CVE-2026-23772

HighLPE

Published: 16 April 2026

Published
16 April 2026
Modified
17 April 2026
KEV Added
Patch
CVSS Score v3.1 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
EPSS Score 0.0001 0.4th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-23772 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Dell Storage Manager (inferred from references). Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2026-23772 is an Improper Privilege Management vulnerability (CWE-269) affecting Dell Storage Manager - Replay Manager for Microsoft Servers version 8.0. This flaw allows improper handling of privileges within the software, as rated with a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H), indicating high severity due to its potential for significant integrity and availability impacts.

A low-privileged attacker with local access to the system can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation leads to elevation of privileges, potentially granting the attacker higher-level access on the affected system.

Dell has issued security advisory DSA-2026-058, available at https://www.dell.com/support/kbdoc/en-us/000453020/dsa-2026-058-security-update-for-dell-storage-manager-replay-manager-for-microsoft-servers-vulnerabilities, detailing a security update to address this and related vulnerabilities in Replay Manager for Microsoft Servers. Security practitioners should consult the advisory for patch deployment instructions and mitigation guidance.

EU & UK References

Vulnerability details

Dell Storage Manager - Replay Manager for Microsoft Servers, version(s) 8.0, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local privilege escalation via improper privilege management vulnerability directly matches Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-44250Shared CWE-269
CVE-2024-53706Shared CWE-269
CVE-2025-66374Shared CWE-269
CVE-2026-28995Shared CWE-269
CVE-2025-43199Shared CWE-269
CVE-2025-36640Shared CWE-269
CVE-2025-8899Shared CWE-269
CVE-2024-47770Shared CWE-269
CVE-2025-24254Shared CWE-269
CVE-2025-27639Shared CWE-269

Affected Assets

Dell
Storage Manager
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Flaw remediation directly addresses the improper privilege management vulnerability by requiring timely patching as provided in Dell's security advisory DSA-2026-058.

prevent

Least privilege enforcement limits the privileges available for low-privileged attackers to escalate, countering the core CWE-269 issue in the software.

prevent

Access enforcement ensures proper mediation of privilege requests, preventing unauthorized elevation exploited by local low-privileged attackers.

References