Critical Dell Wyse Security Flaws Threaten Systems

Critical Dell Wyse Security Flaws Threaten Systems

Posted on By CWS

Recent findings in cybersecurity have shed light on how minor logical issues in Dell Wyse Management Suite (WMS) On-Premises could lead to a complete system compromise. This discovery underscores the critical nature of maintaining robust security protocols within enterprise environments.

Chaining Vulnerabilities for System Compromise

Security experts have shown that two particular vulnerabilities, when combined, enable attackers to bypass security measures and execute remote code on the management server without authorization. The vulnerabilities, identified as CVE-2026-22765 and CVE-2026-22766, pose significant risks, allowing attackers to escalate privileges and execute arbitrary code.

The first vulnerability, CVE-2026-22765, scores a CVSS of 8.8 and involves a missing authorization check that permits low-privileged users to gain full administrative access. The second, CVE-2026-22766, rated at 7.2, enables high-privileged attackers to upload files without restriction, leading to code execution on the system.

Exploitation Process and Attack Chain

The exploitation process begins with a vulnerability in device registration, where attackers can add rogue devices using an empty group token. This initial step allows attackers to acquire a device identifier and authentication code, giving them access to the WMS API.

With these credentials, attackers exploit exposed Active Directory (AD) import routes, crafting a new administrative role group. They manipulate API endpoints to create an administrator account linked to this role, bypassing traditional authentication barriers.

Researchers have identified that attackers can either exploit a logic flaw in the password reset function or, in Pro environments with LDAP, leverage compromised domain user identifiers to gain administrative access.

Mitigation and Future Security Measures

To mitigate these vulnerabilities, Dell released WMS version 5.5 on February 23, 2026, addressing the critical flaws and breaking the exploitation chain. This update is crucial for system administrators overseeing Dell WMS On-Premises deployments to secure their environments against potential attacks.

The new version includes filters that prevent traditional path traversal attacks and safeguard the file repository settings. Administrators must promptly update their systems to prevent unauthorized access and ensure that their infrastructures are protected against these newly identified attack vectors.

Staying informed about the latest cybersecurity threats and updates is vital for maintaining robust security. Follow us for ongoing updates and insights into the evolving cybersecurity landscape. For more information, contact us with your stories or concerns.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Windows Docker Desktop Vulnerability Leads to Full Host Compromise Windows Docker Desktop Vulnerability Leads to Full Host Compromise Cyber Security News
CISA Warns of Windows Cloud Files Mini Filter 0-Day Vulnerability Exploited in Attacks CISA Warns of Windows Cloud Files Mini Filter 0-Day Vulnerability Exploited in Attacks Cyber Security News
Critical OpenClaw Vulnerability Allows AI Agent Hijacking Critical OpenClaw Vulnerability Allows AI Agent Hijacking Cyber Security News
Windows Notepad Vulnerability Fixed in February Update Windows Notepad Vulnerability Fixed in February Update Cyber Security News
Microsoft Enhances Defender Security for Windows Systems Microsoft Enhances Defender Security for Windows Systems Cyber Security News
CrowdStrike Fires Insider for Sharing Internal System Details with Hackers CrowdStrike Fires Insider for Sharing Internal System Details with Hackers Cyber Security News