PT-2026-57159 · Dell · Unisphere For Powermax

Published

2026-07-10

·

Updated

2026-07-10

·

CVE-2026-54469

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Dell Unisphere for PowerMax versions prior to 10.3.0.7
Description Dell Unisphere for PowerMax contains a deserialization of untrusted data flaw. A low-privileged attacker with remote access can exploit this issue to achieve arbitrary command execution with root privileges on the management console. Because the software manages enterprise PowerMax storage arrays, root-level code execution on the console has a high impact on the entire storage fabric it controls. This exploitation requires only a low-privileged authenticated account and no user interaction.
Recommendations Upgrade to version 10.3.0.7 or later. Upgrade to version 10.3.1.1 Patch 11360 or later.

Fix

RCE

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-54469

Affected Products

Unisphere For Powermax