Dell PowerScale InsightIQ 5.0.0-6.2.0 PrivEsc Exec Vulnerability
CVE-2026-40638 Published on May 12, 2026

Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2026-40638 is exploitable with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Execution with Unnecessary Privileges

The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

Products Associated with CVE-2026-40638

Want to know whenever a new CVE is published for Dell Insightiq? stack.watch will email you.

Dell Insightiq

Affected Versions

Dell PowerScale InsightIQ:

Before 6.3.0 or later is affected.

Dell PowerScale InsightIQ 5.0.0-6.2.0 PrivEsc Exec VulnerabilityCVE-2026-40638 Published on May 12, 2026

Vulnerability Analysis

Weakness Type

Execution with Unnecessary Privileges

Products Associated with CVE-2026-40638

Affected Versions

Dell PowerScale InsightIQ 5.0.0-6.2.0 PrivEsc Exec Vulnerability
CVE-2026-40638 Published on May 12, 2026