Cyber Resilience

CVE-2026-23862

HighUpdated

Published: 16 March 2026

Published
16 March 2026
Modified
02 June 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0005 15.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-23862 is a high-severity Command Injection (CWE-77) vulnerability in Dell Thinos. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 15.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-23862 is a command injection vulnerability (CWE-77) in Dell ThinOS 10 versions prior to 2602_10.0573, stemming from improper neutralization of special elements used in a command. This flaw allows malicious input to alter command execution, as rated with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts from a local, low-privilege attack with low complexity and no user interaction required.

A low-privileged attacker with local access to the affected ThinOS system can exploit this vulnerability to achieve elevation of privileges, potentially gaining higher-level control over the endpoint. Exploitation requires physical or network-based local access but no administrative rights initially, making it feasible in shared or compromised endpoint environments.

Dell Security Advisory DSA-2026-122, available at https://www.dell.com/support/kbdoc/en-us/000435801/dsa-2026-122, details the issue and recommends updating to ThinOS version 2602_10.0573 or later to mitigate the vulnerability.

EU & UK References

Vulnerability details

Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local command injection (CWE-77) directly enables privilege escalation from low-privileged context on the endpoint.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-26331Same product: Dell Thinos
CVE-2024-48830Same vendor: Dell
CVE-2025-22473Same vendor: Dell
CVE-2026-23778Same vendor: Dell
CVE-2025-22472Same vendor: Dell
CVE-2026-40715Same product: Dell Thinos
CVE-2025-46428Same vendor: Dell
CVE-2025-27688Same product: Dell Thinos
CVE-2026-22284Same vendor: Dell
CVE-2024-48013Same vendor: Dell

Affected Assets

dell
thinos
2602 — 2602.10.0573

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation of inputs to prevent improper neutralization of special elements that enable command injection.

prevent

Mandates timely remediation of identified flaws, such as applying the vendor patch to ThinOS version 2602_10.0573 or later.

prevent

Enforces least privilege to limit the impact and success of privilege escalation attempts via command injection from low-privileged local access.

References