Primary

Context

Dell UPS Multi-UPS Management Console Unquoted Search Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability allowing arbitrary code execution with SYSTEM privileges has been identified in Dell UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03). This issue arises from an unquoted search path vulnerability, which allows users with write access to a directory on the system drive to execute malicious code.

Impact

Exploitation of this vulnerability allows for arbitrary code execution with SYSTEM privileges.

Remediation

Users are advised to stop using Dell UPS Multi-UPS Management Console, as the product is no longer supported. The latest version of the software can be downloaded from the Dell Support website.

Added: Mar 5, 2026, 3:17 AM

Updated: Mar 5, 2026, 3:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.3

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.3

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell UPS Multi-UPS Management Console Unquoted Search Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating