Sign-up

ID

VAR-202603-2266


CVE

CVE-2026-24508


TITLE

Dell's Alienware Command Center Certificate validation vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2026-007611

DESCRIPTION

Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. In addition, information handled by the software will not be rewritten. Furthermore, the software will not stop. Furthermore, attacks exploiting this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-24508 // JVNDB: JVNDB-2026-007611

AFFECTED PRODUCTS

vendor:dellmodel:alienware command centerscope:ltversion:6.12.24.0

Trust: 1.0

vendor:デルmodel:alienware command centerscope: - version: -

Trust: 0.8

vendor:デルmodel:alienware command centerscope:eqversion:6.12.24.0

Trust: 0.8

vendor:デルmodel:alienware command centerscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2026-007611 // NVD: CVE-2026-24508

CVSS

SEVERITY

CVSSV2

CVSSV3

security_alert@emc.com: CVE-2026-24508
value: LOW

Trust: 1.0

nvd@nist.gov: CVE-2026-24508
value: MEDIUM

Trust: 1.0

NVD: CVE-2026-24508
value: MEDIUM

Trust: 0.8

security_alert@emc.com: CVE-2026-24508
baseSeverity: LOW
baseScore: 2.5
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 1.0
impactScore: 1.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2026-24508
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2026-24508
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-007611 // NVD: CVE-2026-24508 // NVD: CVE-2026-24508

PROBLEMTYPE DATA

problemtype:CWE-295

Trust: 1.0

problemtype:Illegal certificate verification (CWE-295) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-007611 // NVD: CVE-2026-24508

PATCH

title:DSA-2026-093url:https://www.dell.com/support/kbdoc/en-us/000427573/dsa-2026-093

Trust: 0.8

sources: JVNDB: JVNDB-2026-007611

EXTERNAL IDS

db:NVDid:CVE-2026-24508

Trust: 2.6

db:JVNDBid:JVNDB-2026-007611

Trust: 0.8

sources: JVNDB: JVNDB-2026-007611 // NVD: CVE-2026-24508

REFERENCES

url:https://www.dell.com/support/kbdoc/en-us/000427573/dsa-2026-093

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2026-24508

Trust: 0.8

sources: JVNDB: JVNDB-2026-007611 // NVD: CVE-2026-24508

SOURCES

db:JVNDBid:JVNDB-2026-007611
db:NVDid:CVE-2026-24508

LAST UPDATE DATE

2026-03-21T23:37:32.439000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-007611date:2026-03-18T04:26:00
db:NVDid:CVE-2026-24508date:2026-03-16T20:36:45.663

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-007611date:2026-03-18T00:00:00
db:NVDid:CVE-2026-24508date:2026-03-11T20:16:14.400