Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.5
UPS Multi-UPS Management Console allows attackers to run malicious code with administrator rights
CVE-2026-26034
Summary
An attacker can exploit a security weakness in the UPS Multi-UPS Management Console to run unauthorized code with administrator privileges. This could lead to unauthorized changes or data theft. Update the software to the latest version to fix the issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| dell | ups_multi-ups_management_console | 01.06.0001_\(a03\) | – |
Original title
UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Incorrect Default Permissions (CWE-276) vulnerability that allows an attacker to execute arbitrary code with SYSTEM priv...
Original description
UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Incorrect Default Permissions (CWE-276) vulnerability that allows an attacker to execute arbitrary code with SYSTEM privileges by causing the application to load a specially crafted DLL.
nvd CVSS3.0
7.8
nvd CVSS4.0
8.5
Vulnerability type
CWE-276
Incorrect Default Permissions
CWE-428
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026