Details of VAR-202603-2157

ID

VAR-202603-2157

CVE

CVE-2026-24509

TITLE

Dell's Alienware Command Center access control vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2026-007610

DESCRIPTION

Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. DoS ) may occur.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-24509 // JVNDB: JVNDB-2026-007610

AFFECTED PRODUCTS

vendor:	dell	model:	alienware command center	scope:	lt	version:	6.12.24.0	Trust: 1.0
vendor:	デル	model:	alienware command center	scope:	-	version:	-	Trust: 0.8
vendor:	デル	model:	alienware command center	scope:	eq	version:	6.12.24.0	Trust: 0.8
vendor:	デル	model:	alienware command center	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2026-007610 // NVD: CVE-2026-24509

CVSS

SEVERITY

CVSSV2

CVSSV3

security_alert@emc.com:	CVE-2026-24509
value:	LOW
Trust: 1.0
nvd@nist.gov:	CVE-2026-24509
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2026-24509
value:	MEDIUM
Trust: 0.8

security_alert@emc.com:	CVE-2026-24509
baseSeverity:	LOW
baseScore:	3.6
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.0
impactScore:	2.5
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2026-24509
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2026-24509
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-007610 // NVD: CVE-2026-24509 // NVD: CVE-2026-24509

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-284	Trust: 1.0
problemtype:	Inappropriate access control (CWE-284) [ others ]	Trust: 0.8
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-007610 // NVD: CVE-2026-24509

PATCH

title:

DSA-2026-093

url:

https://www.dell.com/support/kbdoc/en-us/000427573/dsa-2026-093

Trust: 0.8

sources: JVNDB: JVNDB-2026-007610

EXTERNAL IDS

db:	NVD	id:	CVE-2026-24509	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-007610	Trust: 0.8

sources: JVNDB: JVNDB-2026-007610 // NVD: CVE-2026-24509

REFERENCES

url:	https://www.dell.com/support/kbdoc/en-us/000427573/dsa-2026-093	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2026-24509	Trust: 0.8

sources: JVNDB: JVNDB-2026-007610 // NVD: CVE-2026-24509

SOURCES

db:	JVNDB	id:	JVNDB-2026-007610
db:	NVD	id:	CVE-2026-24509

LAST UPDATE DATE

2026-03-19T23:44:44.845000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-007610	date:	2026-03-18T04:26:00
db:	NVD	id:	CVE-2026-24509	date:	2026-03-16T20:55:23.130

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-007610	date:	2026-03-18T00:00:00
db:	NVD	id:	CVE-2026-24509	date:	2026-03-11T19:16:03.800