Cyber Posture

CVE-2026-27101

Medium

Published: 01 April 2026

Published
01 April 2026
Modified
02 April 2026
KEV Added
Patch
CVSS Score 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0034 57.0th percentile
Risk Priority 10 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-27101 is a medium-severity Path Traversal (CWE-22) vulnerability in Dell Secure Connect Gateway. Its CVSS base score is 4.7 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 43.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly prevents path traversal exploits by requiring validation of pathnames at input points to block access to restricted directories.

SI-2 Flaw Remediation good match
prevent

Mitigates the vulnerability through timely flaw remediation, such as applying Dell's security update for affected SCG versions.

AC-3 Access Enforcement partial match
prevent

Enforces logical access controls that restrict unauthorized traversal to protected directories despite high privileges.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

Path traversal (CWE-22) in network-accessible Dell SCG management application directly enables authenticated high-privileged attacker to achieve RCE by accessing restricted paths and executing arbitrary code.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this vulnerability,…

more

leading to remote execution.

Deeper analysisAI

CVE-2026-27101 is an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability, certified under CWE-22, affecting Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application versions 5.28.00.xx through 5.32.00.xx. Published on April 1, 2026, it has a CVSS v3.1 base score of 4.7 (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L), indicating medium severity with network accessibility, low attack complexity, but requiring high privileges.

A high-privileged attacker within the management network can exploit this path traversal flaw to achieve remote code execution. The attacker leverages insufficient pathname restrictions to access restricted directories, potentially executing arbitrary code on the affected SCG appliance or application.

Dell advisory DSA-2026-020, detailed at https://www.dell.com/support/kbdoc/en-us/000438589/dsa-2026-020-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities, addresses this and related vulnerabilities with a security update for the SCG Application and Appliance.

Details

CWE(s)
CWE-22

Affected Products

dell
secure connect gateway
5.28.00.00 — 5.34.00.00 · 5.28.00.00 — 5.34.00.00

CVEs Like This One

CVE-2026-22266Same vendor: Dell
CVE-2025-26336Same vendor: Dell
CVE-2025-22475Same vendor: Dell
CVE-2025-43728Same vendor: Dell
CVE-2024-49601Same vendor: Dell
CVE-2026-26944Same vendor: Dell
CVE-2025-43995Same vendor: Dell
CVE-2025-36604Same vendor: Dell
CVE-2025-59384Shared CWE-22
CVE-2025-15031Shared CWE-22

References