{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25908", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2026-02-08T18:05:27.450Z", "datePublished": "2026-04-27T18:10:27.719Z", "dateUpdated": "2026-04-28T12:44:15.113Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-04-27T18:10:27.719Z"}, "datePublic": "2026-04-27T17:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-250", "description": "CWE-250: Execution with Unnecessary Privileges", "type": "CWE"}]}], "affected": [{"vendor": "Dell", "product": "Alienware Command Center (AWCC)", "versions": [{"status": "affected", "version": "0", "lessThan": "6.13.8.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges."}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000451018/dsa-2026-192-security-update-for-dell-alienware-command-center-6-x-for-multiple-vulnerabilities", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "Dell would like to thank Ouallaout Noureddine for reporting this issue.", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-28T03:55:32.155815Z", "id": "CVE-2026-25908", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T12:44:15.113Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25908", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2026-02-08T18:05:27.450Z", "datePublished": "2026-04-27T18:10:27.719Z", "dateUpdated": "2026-04-28T12:44:15.113Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-04-27T18:10:27.719Z"}, "datePublic": "2026-04-27T17:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-250", "description": "CWE-250: Execution with Unnecessary Privileges", "type": "CWE"}]}], "affected": [{"vendor": "Dell", "product": "Alienware Command Center (AWCC)", "versions": [{"status": "affected", "version": "0", "lessThan": "6.13.8.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges."}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000451018/dsa-2026-192-security-update-for-dell-alienware-command-center-6-x-for-multiple-vulnerabilities", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "Dell would like to thank Ouallaout Noureddine for reporting this issue.", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25908", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-28T03:55:32.155815Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T12:44:08.125Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges."}], "id": "CVE-2026-25908", "lastModified": "2026-04-27T18:57:20.293", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "security_alert@emc.com", "type": "Secondary"}]}, "published": "2026-04-27T18:16:53.360", "references": [{"source": "security_alert@emc.com", "url": "https://www.dell.com/support/kbdoc/en-us/000451018/dsa-2026-192-security-update-for-dell-alienware-command-center-6-x-for-multiple-vulnerabilities"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-250"}], "source": "security_alert@emc.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,6.13.8.0)"}}], "enrichment": {"confidence": 91.0, "confidence_source": "matching", "scores": [{"score": 91.0, "source": "matching"}]}, "original": {"product": "Alienware Command Center (AWCC)", "source": "cna", "vendor": "Dell"}, "product": "alienware_command_center", "vendor": "dell"}], "analysis": {"en": {"generated_at": "2026-04-28T12:56:18.677900+00:00", "value": {"mitigation_remediation": ["Install the Dell security update that upgrades AWCC to version 6.13.8.0 or later, which removes the unnecessary privilege.", "Revoke local user rights that allow execution of AWCC or its services, ensuring only administrators can launch it.", "Apply local group policy or task\u2011secref to enforce least\u2011privilege execution for AWCC processes."], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "All Dell Alienware Command Center installations running versions earlier than 6.13.8.0 on Windows platforms are affected. The vulnerability was identified in the Dell Alienware Command Center (AWCC) component.", "description_and_impact": "Dell Alienware Command Center prior to 6.13.8.0 contains an Execution with Unnecessary Privileges flaw. A local user with limited rights can trigger the vulnerability and run code or processes with elevated privileges, thereby gaining administrative capabilities. The weakness is a classic example of CWE\u2011250.", "risk_and_exploitability": "The CVSS score of 6.7 indicates moderate severity. EPSS data is not available, and the issue is not listed in the CISA KEV catalog, suggesting no documented widespread exploitation. The attack requires local access from a low\u2011privileged user and is therefore likely to be used in targeted or opportunistic scenarios, allowing the attacker to elevate privileges on the compromised machine."}}}}, "created": "2026-04-28T08:30:13.035100+00:00", "title": "Local Privilege Escalation via Unnecessary Privilege in Dell Alienware Command Center", "updated": "2026-04-28T13:00:15.247992+00:00", "vendors": ["dell", "dell$PRODUCT$alienware_command_center"]}