Dell Storage Manager Flaw: Local Privilege Escalation Risk

The National Vulnerability Database (NVD) has flagged a significant security flaw, CVE-2026-23772, within Dell Storage Manager - Replay Manager for Microsoft Servers, specifically version 8.0. This vulnerability, categorized as Improper Privilege Management (CWE-269), presents a clear path for a low-privileged local attacker to elevate their access on affected systems.

According to the NVD, a successful exploit could grant an attacker higher privileges, which is a big deal. While it requires local access, once an attacker is inside the network, even with minimal permissions, this flaw provides a ladder to more sensitive areas. The CVSS score of 7.3 (HIGH) underscores the seriousness, indicating that while the attack vector is local, the impact on confidentiality, integrity, and availability could be substantial.

Related ATT&CK Techniques

high T1068 Privilege Escalation

Indicators of Compromise

| ID | Type | Indicator |
|---|---|---|
| CVE-2026-23772 | Privilege Escalation | Dell Storage Manager - Replay Manager for Microsoft Servers |
| CVE-2026-23772 | Privilege Escalation | Affected version(s): 8.0 |
| CVE-2026-23772 | Privilege Escalation | Improper Privilege Management vulnerability |
