Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.4
Dell Device Management Agent stores passwords in plain text
CVE-2026-22285
Summary
Dell's Device Management Agent, in versions before 26.02, stores passwords in a way that's easy to read. This means a highly skilled attacker with access to the device could potentially read these passwords and use them to access your system. You should update to the latest version of the agent to fix this.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| dell | device_management_agent | <= 26.02 | – |
Original title
Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vuln...
Original description
Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access.
nvd CVSS3.1
4.4
Vulnerability type
CWE-256
- https://www.dell.com/support/kbdoc/en-us/000429177/dsa-2026-105 Vendor Advisory
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026