Dell ECS 3.8.1.0-3.8.1.7 / Dell ObjectScale <4.3.0 Hardcoded Credentials: CVE-2026-40636 May 2026

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker.

Vulnerability Analysis

CVE-2026-40636 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Use of Hard-coded Credentials

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

Products Associated with CVE-2026-40636

Want to know whenever a new CVE is published for Dell Objectscale? stack.watch will email you.

Dell ECS 3.8.1.0-3.8.1.7 / Dell ObjectScale <4.3.0 Hardcoded Credentials
CVE-2026-40636 Published on May 11, 2026

Vulnerability Analysis

Weakness Type

Use of Hard-coded Credentials

Products Associated with CVE-2026-40636

Affected Versions

Dell ECS 3.8.1.0-3.8.1.7 / Dell ObjectScale <4.3.0 Hardcoded CredentialsCVE-2026-40636 Published on May 11, 2026

Vulnerability Analysis

Weakness Type

Use of Hard-coded Credentials

Products Associated with CVE-2026-40636

Affected Versions

Dell ECS 3.8.1.0-3.8.1.7 / Dell ObjectScale <4.3.0 Hardcoded Credentials
CVE-2026-40636 Published on May 11, 2026