CVE-2026-23862
Published: 16 March 2026
Summary
CVE-2026-23862 is a high-severity Command Injection (CWE-77) vulnerability in Dell ThinOS. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 15.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-23862 is a command injection vulnerability (CWE-77) in Dell ThinOS 10 versions prior to 2602_10.0573, stemming from improper neutralization of special elements used in a command. The flaw allows malicious input to alter command execution. It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts from a local, low-complexity attack by a low-privileged user with no user interaction required.
A low-privileged attacker with local access to the affected ThinOS system can exploit this vulnerability to achieve elevation of privileges, potentially gaining higher-level control over the endpoint. Exploitation requires physical or network-based local access but no initial administrative rights, making it feasible in shared or already-compromised endpoint environments.
Dell Security Advisory DSA-2026-122, available at https://www.dell.com/support/kbdoc/en-us/000435801/dsa-2026-122, details the issue and recommends updating to ThinOS version 2602_10.0573 or later to mitigate the vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-12476
Vulnerability details
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573 contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
- CWE(s): CWE-77
Related Threats
MITRE ATT&CK Enterprise Techniques
- Exploitation for Privilege Escalation (T1068)
Why these techniques?
Local command injection (CWE-77) directly enables privilege escalation from low-privileged context on the endpoint.
Affected Assets
- Dell ThinOS 10, versions prior to 2602_10.0573
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly requires validation of inputs to prevent improper neutralization of special elements that enable command injection.
- SI-2 (Flaw Remediation): Mandates timely remediation of identified flaws, such as applying the vendor patch to ThinOS version 2602_10.0573 or later.
- AC-6 (Least Privilege): Enforces least privilege to limit the impact and success of privilege escalation attempts via command injection from low-privileged local access.