Dell: Three Medium-Severity 'Link Following' Vulnerabilities Disclosed Together
Dell disclosed three medium-severity vulnerabilities on June 9, 2026, affecting Dell/Alienware Purchased Apps, Dell Inventory Collector Client, and Dell iDRAC Tools, all stemming from improper link resolution.

Key findings
- Three medium-severity 'Link Following' vulnerabilities disclosed by Dell on June 9, 2026.
- Vulnerabilities affect Dell/Alienware Purchased Apps, Dell Inventory Collector Client, and Dell iDRAC Tools.
- Exploitation requires local access and can lead to arbitrary file write or information tampering.
- Patches are available for all affected products; users urged to update promptly.

On June 9, 2026, Dell addressed a cluster of three medium-severity vulnerabilities that were disclosed on the same day. These vulnerabilities, affecting distinct Dell products, share a common root cause: Improper Link Resolution Before File Access, often referred to as 'Link Following'. This commonality suggests a potential pattern in how these applications handle file access. In each case, the flaw allows a low-privileged local attacker to achieve arbitrary file writes or information tampering.
The first vulnerability, tracked as CVE-2026-44275, impacts Dell/Alienware Purchased Apps versions prior to 1.1.32.0. A successful exploit here could lead to arbitrary file write operations, enabling an attacker to modify or replace files on the system with elevated privileges. This could have significant implications for system integrity and security.
Similarly, CVE-2026-41116 affects Dell Inventory Collector Client versions before 13.8.0. This vulnerability also allows for arbitrary file writes due to improper link resolution. The Dell Inventory Collector Client is crucial for asset management and inventory tracking, making a compromise of this component potentially disruptive to IT operations.
The third vulnerability, CVE-2026-28262, is found in Dell iDRAC Tools versions prior to 11.4.1.0. While this vulnerability also stems from improper link resolution, its impact is described as information tampering rather than arbitrary file write. This could allow an attacker to alter critical system information, potentially leading to misconfigurations or denial of service.
All three vulnerabilities were disclosed within a nine-hour window, indicating a coordinated disclosure event. The consistent 'Link Following' vulnerability class across these disparate products highlights a potential area for Dell to review its internal development and security practices. While none of these vulnerabilities are reported to be exploited in the wild, their local access requirement and potential for file manipulation or information tampering make them a concern for system administrators.
Dell has released patches for all affected products. Users are strongly advised to update Dell/Alienware Purchased Apps to version 1.1.32.0 or later, Dell Inventory Collector Client to version 13.8.0 or later, and Dell iDRAC Tools to version 11.4.1.0 or later to mitigate these risks. Prompt patching is essential to prevent potential system compromise.
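
The fixed versions above can be checked across a fleet by comparing installed versions field by field rather than as strings. The following is an added example, not Dell tooling: the inventory rows are constructed, and the product strings are assumed to match the names used in this article (the names reported by a real software inventory may differ).

```python
import csv

# CVE ids and fixed versions exactly as stated in the article.
FIXED = {
    "Dell/Alienware Purchased Apps": ("CVE-2026-44275", "1.1.32.0"),
    "Dell Inventory Collector Client": ("CVE-2026-41116", "13.8.0"),
    "Dell iDRAC Tools": ("CVE-2026-28262", "11.4.1.0"),
}

# Constructed sample inventory export (hypothetical hosts); not real data.
SAMPLE_INVENTORY = """host,product,version
ws-001,Dell/Alienware Purchased Apps,1.1.9.0
ws-002,Dell/Alienware Purchased Apps,1.1.32.0
ws-003,Dell Inventory Collector Client,13.10.0
ws-004,Dell Inventory Collector Client,13.7.2
srv-01,Dell iDRAC Tools,11.4.0.0
srv-02,Dell iDRAC Tools,unknown
ws-005,Some Other App,1.0
"""


def parse_version(text):
    """Return a tuple of ints, or None if any dotted field is not numeric."""
    parts = text.strip().split(".")
    if not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def is_older(installed, fixed):
    """True if installed < fixed, comparing numerically with zero padding."""
    width = max(len(installed), len(fixed))
    return installed + (0,) * (width - len(installed)) < fixed + (0,) * (width - len(fixed))


def audit(inventory_csv):
    """Return (host, product, cve, status) for each row naming an affected product."""
    findings = []
    for row in csv.DictReader(inventory_csv.splitlines()):
        if row["product"] not in FIXED:
            continue
        cve, fixed = FIXED[row["product"]]
        installed = parse_version(row["version"])
        if installed is None:
            status = "unparsed"  # send to manual review instead of assuming patched
        else:
            status = "vulnerable" if is_older(installed, parse_version(fixed)) else "patched"
        findings.append((row["host"], row["product"], cve, status))
    return findings
```

Note that a plain string comparison would misjudge two of the sample rows: it would rank 1.1.9.0 above 1.1.32.0 and 13.10.0 below 13.8.0.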