Cyber Posture

CVE-2026-23857

High

Published: 12 February 2026

Published
12 February 2026
Modified
18 February 2026
KEV Added
Patch
CVSS Score 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS Score 0.0001 2.3th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-23857 is a high-severity Improper Handling of Insufficient Permissions or Privileges (CWE-280) vulnerability in Dell Update Package Framework. Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 2.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Timely remediation through application of Dell's security update directly fixes the improper handling of permissions vulnerability in the DUP Framework.

AC-6 Least Privilege good match
prevent

Least privilege enforcement limits the privileges available to low-privileged local attackers, directly mitigating privilege escalation potential in the DUP Framework.

AC-3 Access Enforcement partial match
prevent

Access enforcement ensures system mechanisms properly mediate privilege checks, countering the DUP Framework's insufficient permissions handling.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

Local privilege escalation via improper permissions handling in update framework directly matches Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Deeper analysisAI

CVE-2026-23857 is an Improper Handling of Insufficient Permissions or Privileges vulnerability (CWE-280) in the Dell Update Package (DUP) Framework, affecting versions 23.12.00 through 24.12.00. Published on 2026-02-12, it has a CVSS v3.1 base score of 8.2 (AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H), indicating high severity due to its potential for significant confidentiality, integrity, and availability impacts with a changed scope.

A low-privileged attacker with local access can exploit this vulnerability by leveraging user interaction, such as convincing the user to perform a specific action. Successful exploitation could lead to elevation of privileges, allowing the attacker to gain higher-level access on the affected system.

Dell has issued security advisory DSA-2026-081, available at https://www.dell.com/support/kbdoc/en-us/000426781/dsa-2026-081-security-update-for-dell-update-package-dup-framework-vulnerability, which provides details on a security update to mitigate the vulnerability in the DUP Framework.

Details

CWE(s)
CWE-280

Affected Products

dell
update package framework
23.12.00 — 25.02.00

CVEs Like This One

CVE-2025-22395Same product: Dell Update Package Framework
CVE-2026-32655Same vendor: Dell
CVE-2026-27102Same vendor: Dell
CVE-2025-21105Same vendor: Dell
CVE-2026-25906Same vendor: Dell
CVE-2026-35155Same vendor: Dell
CVE-2026-24510Same vendor: Dell
CVE-2026-22765Same vendor: Dell
CVE-2026-26949Same vendor: Dell
CVE-2024-48013Same vendor: Dell

References