TopVuln

High-risk vulnerability digests

CVE-2026-40636

  • CRITICAL

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0 contain a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for the attacker.

Details

CVSS v3: 9.8

EPSS: <0.1% probability · 17.1th percentile · 2026-05-11

Affected versions: Dell ECS 3.8.1.0 through 3.8.1.7, Dell ObjectScale prior to 4.3.0.0

Summary: This vulnerability occurs due to hard-coded credentials in affected Dell storage products. An unauthenticated attacker with local access can exploit this flaw to gain unauthorized filesystem access. Successful exploitation can lead to full system compromise and sensitive data exposure.

Remediation: Upgrade Dell ObjectScale to version 4.3.0.0 or newer to address this vulnerability. For Dell ECS installations, apply the latest security update released by Dell as soon as possible. Restrict local access to affected devices until patching is completed.

Exploit info: No public exploit found yet.


Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.