CVE-2026-24510
Published: 11 March 2026
Summary
CVE-2026-24510 is a medium-severity Improper Privilege Management (CWE-269) vulnerability in Dell Alienware Command Center. Its CVSS base score is 6.7 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 3.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Deeper analysis
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, is affected by CVE-2026-24510, an Improper Privilege Management vulnerability classified under CWE-269. This flaw allows potential escalation of privileges and has a CVSS v3.1 base score of 6.7 (AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H), indicating medium severity with local attack vector, high attack complexity, low privileges required, and user interaction needed.
A low-privileged attacker with local access to the system can exploit this vulnerability to achieve elevation of privileges, potentially gaining higher-level access that enables full control over confidentiality, integrity, and availability of the affected system.
Dell has published security advisory DSA-2026-093, available at https://www.dell.com/support/kbdoc/en-us/000427573/dsa-2026-093, which provides details on mitigation and patching instructions for this issue.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-11303
Vulnerability details
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct local privilege escalation via improper privilege management (CWE-269) in AWCC maps to exploitation for privilege escalation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly counters the CWE-269 improper privilege management flaw by ensuring the AWCC process and its users operate only with the minimal privileges required, blocking the local escalation path.
Enforces the intended access-control policy on the AWCC service so that low-privileged local accounts cannot obtain the elevated rights the vulnerability would otherwise grant.
Limits creation and assignment of the low-privileged accounts that the advisory states are sufficient to trigger the elevation, reducing the attack surface before exploitation occurs.