Dell iDRAC Tools <11.4.1.0 Improper Link Resolution (Info Tampering)
CVE-2026-28262 Published on June 9, 2026
Dell iDRAC Tools, versions prior to 11.4.1.0, contains an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.
Vulnerability Analysis
CVE-2026-28262 is exploitable with local system access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity and availability.
Weakness Type
What is an insecure temporary file Vulnerability?
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CVE-2026-28262 has been classified to as an insecure temporary file vulnerability or weakness.
Affected Versions
Dell iDRAC Tools:- Before 11.4.1.0 or later is affected.