Primary

Context

Dell UPS Multi-UPS Management Console Incorrect Default Permissions Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability exists in Dell UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03), released in January 2013. This vulnerability, categorized as Incorrect Default Permissions (CWE-276), allows an attacker to execute arbitrary code with SYSTEM privileges. The issue arises when the application is manipulated to load a specially crafted DLL.

Impact

Exploitation of this vulnerability allows for arbitrary code execution with SYSTEM privileges.

Remediation

Users are advised to stop using Dell UPS Multi-UPS Management Console, as the product is no longer supported. The latest version of the software can be downloaded from the Dell Support website.

Added: Mar 5, 2026, 3:17 AM

Updated: Mar 5, 2026, 3:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

2.0

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

2.0

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell UPS Multi-UPS Management Console Incorrect Default Permissions Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating