Dell Update_package_framework
5 CVEs affecting Dell Update_package_framework. Latest disclosed: 2026-02-12. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-23857 | High | 8.2 | 2026-02-12 | Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability… |
CVE-2025-22395 | High | 8.2 | 2025-01-07 | Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potenti… |
CVE-2023-39254 | Medium | 6.7 | 2024-03-01 | Dell Update Package (DUP), Versions prior to 4.9.10 contain an Uncontrolled Search Path vulnerability. A malicious user with local access to the system could p… |
CVE-2019-3726 | Medium | 6.7 | 2019-09-24 | An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework… |
CVE-2023-32454 | Medium | 6.3 | 2024-02-06 | DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could expl… |