{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28265", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2026-02-25T18:04:25.462Z", "datePublished": "2026-04-01T07:41:28.180Z", "dateUpdated": "2026-04-01T13:10:14.638Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-04-01T07:41:28.180Z"}, "datePublic": "2026-03-25T06:30:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-35", "description": "CWE-35: Path Traversal", "type": "CWE"}]}], "affected": [{"vendor": "Dell", "product": "PowerStore", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 500T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 1000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 1200T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 3000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 3200Q", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 3200T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 5000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 5200Q", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 5200T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 7000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 9000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 9200T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files."}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000444169/dsa-2026-157-dell-powerstore-t-security-update-for-multiple-vulnerabilities"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseSeverity": "MEDIUM", "baseScore": 4.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T13:10:06.196625Z", "id": "CVE-2026-28265", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T13:10:14.638Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28265", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T13:10:06.196625Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T13:10:11.069Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dell", "product": "PowerStore", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 500T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 1000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 1200T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 3000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 3200Q", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 3200T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 5000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 5200Q", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 5200T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 7000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 9000T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Dell", "product": "PowerStore 9200T", "versions": [{"status": "affected", "version": "0", "lessThan": "4.4.0.0-2692403 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T06:30:00.000Z", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000444169/dsa-2026-157-dell-powerstore-t-security-update-for-multiple-vulnerabilities"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files.", "supportingMedia": [{"type": "text/html", "value": "PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-35", "description": "CWE-35: Path Traversal"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-04-01T07:41:28.180Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28265", "state": "PUBLISHED", "dateUpdated": "2026-04-01T13:10:14.638Z", "dateReserved": "2026-02-25T18:04:25.462Z", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "datePublished": "2026-04-01T07:41:28.180Z", "assignerShortName": "dell"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:powerstoreos:*:*:*:*:*:*:*:*", "matchCriteriaId": "6ACE53EA-9063-407A-BA59-B18F4362A201", "versionEndExcluding": "4.4.0.0-2692403", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:powerstore_1000t:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD5BE2B0-BB56-4E6C-8818-26910B23CE31", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_1200t:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB965674-7EBA-437E-A13B-39BC3F3FE139", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_3000t:-:*:*:*:*:*:*:*", "matchCriteriaId": "861B5BE7-159A-41FF-9658-D243051CAC88", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_3200q:-:*:*:*:*:*:*:*", "matchCriteriaId": "8456D5B0-3D6A-4020-B693-D949EE2BA12E", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_3200t:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0A29ED1-5CE6-4D49-A079-7F4E6D782DE1", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_5000t:-:*:*:*:*:*:*:*", "matchCriteriaId": "2D5EE934-AD08-4C2B-B3EA-878975EE825E", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_500t:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B529671-71A1-428C-BC17-C8E002222FEA", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_5200q:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7CD86DB-77F8-45C8-848C-DD9DE9DA966D", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_5200t:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0FCFFD4-A989-4AF3-99DF-32AE2547D9C1", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_7000t:-:*:*:*:*:*:*:*", "matchCriteriaId": "37E8CD6E-65F4-48A0-B796-93E4EE51BD06", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_9000t:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9BB1B88-C9C0-4B08-84C6-279C79E34CD3", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:powerstore_9200t:-:*:*:*:*:*:*:*", "matchCriteriaId": "F90EFCBC-F720-4426-8043-EB1489820C22", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files."}], "id": "CVE-2026-28265", "lastModified": "2026-04-02T20:43:17.370", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 2.5, "source": "security_alert@emc.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-01T08:16:05.490", "references": [{"source": "security_alert@emc.com", "tags": ["Vendor Advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000444169/dsa-2026-157-dell-powerstore-t-security-update-for-multiple-vulnerabilities"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-35"}], "source": "security_alert@emc.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "PowerStore", "source": "cna", "vendor": "Dell"}, "product": "powerstore", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 1000T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_1000t", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 1200T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_1200t", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 3000T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_3000t", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 3200Q", "source": "cna", "vendor": "Dell"}, "product": "powerstore_3200q", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 3200T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_3200t", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 5000T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_5000t", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 500T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_500t", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 5200T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_5200t", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 7000T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_7000t", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 9000T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_9000t", "vendor": "dell"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.4.0.0-2692403)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "PowerStore 9200T", "source": "cna", "vendor": "Dell"}, "product": "powerstore_9200t", "vendor": "dell"}], "analysis": {"en": {"generated_at": "2026-04-02T23:20:14.372949+00:00", "value": {"mitigation_remediation": ["Apply the Dell PowerStore security update referenced in the Dell KB (https://www.dell.com/support/kbdoc/en-us/000444169/dsa-2026-157-dell-powerstore-t-security-update-for-multiple-vulnerabilities).", "If an immediate patch cannot be applied, restrict or disable the Service user account to block the path traversal capability.", "After applying the update or disabling the account, verify the integrity of critical system files and review audit logs for unauthorized changes.", "Continuously monitor the system for abnormal file write activity to detect any future attempts."], "summary": {"action": "Patch", "impact": "Local File Modification"}, "threat_synthesis": {"affected_systems": "Affected devices are Dell PowerStore appliances, including the PowerStore 1000T, 1200T, 3000T, 3200Q, 3200T, 5000T, 500T, 5200Q, 5200T, 7000T, 9000T, and 9200T. No specific version data is provided.", "description_and_impact": "The PowerStore appliance exposes a path traversal flaw within its Service user account. An adversary who has local access and only low privileges can exploit this weakness to modify any system file unrelated to the Service user\u2019s working directory. This grants the attacker the ability to alter critical configuration or operational files, compromising the integrity of the storage system.", "risk_and_exploitability": "The CVSS score of 4.4 reflects moderate severity because the vulnerability impacts only files accessible to the Service user. The EPSS score of less than 1% indicates that exploitation is unlikely to occur in the wild, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires local presence with a Service user account; this inference comes from the description stating a low privileged attacker with local access could potentially exploit the flaw."}}}}, "created": "2026-04-02T07:49:45.963595+00:00", "updated": "2026-04-03T09:19:12.330200+00:00", "vendors": ["dell", "dell$PRODUCT$powerstore", "dell$PRODUCT$powerstore_1000t", "dell$PRODUCT$powerstore_1200t", "dell$PRODUCT$powerstore_3000t", "dell$PRODUCT$powerstore_3200q", "dell$PRODUCT$powerstore_3200t", "dell$PRODUCT$powerstore_5000t", "dell$PRODUCT$powerstore_500t", "dell$PRODUCT$powerstore_5200t", "dell$PRODUCT$powerstore_7000t", "dell$PRODUCT$powerstore_9000t", "dell$PRODUCT$powerstore_9200t"]}