{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24508", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2026-01-23T06:07:21.818Z", "datePublished": "2026-03-11T18:56:10.153Z", "dateUpdated": "2026-03-11T20:07:12.147Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-03-11T18:56:10.153Z"}, "datePublic": "2026-03-11T17:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-295", "description": "CWE-295: Improper Certificate Validation", "type": "CWE"}]}], "affected": [{"vendor": "Dell", "product": "Alienware Command Center (AWCC)", "versions": [{"status": "affected", "version": "0", "lessThan": "6.12.24.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure."}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000427573/dsa-2026-093", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseSeverity": "LOW", "baseScore": 2.5, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T20:07:04.572249Z", "id": "CVE-2026-24508", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T20:07:12.147Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24508", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-11T20:07:04.572249Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T20:07:07.692Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.5, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dell", "product": "Alienware Command Center (AWCC)", "versions": [{"status": "affected", "version": "0", "lessThan": "6.12.24.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2026-03-11T17:00:00.000Z", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000427573/dsa-2026-093", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.0"}, "descriptions": [{"lang": "en", "value": "Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.", "supportingMedia": [{"type": "text/html", "value": "Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-295", "description": "CWE-295: Improper Certificate Validation"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-03-11T18:56:10.153Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24508", "state": "PUBLISHED", "dateUpdated": "2026-03-11T20:07:12.147Z", "dateReserved": "2026-01-23T06:07:21.818Z", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "datePublished": "2026-03-11T18:56:10.153Z", "assignerShortName": "dell"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dell:alienware_command_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "66A0D6A1-A739-4177-B8CB-91D07C3E7984", "versionEndExcluding": "6.12.24.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure."}, {"lang": "es", "value": "Dell Alienware Command Center (AWCC), versiones anteriores a la 6.12.24.0, contienen una vulnerabilidad de validaci\u00f3n de certificado incorrecta. Un atacante con privilegios bajos con acceso local podr\u00eda potencialmente explotar esta vulnerabilidad, lo que lleva a la exposici\u00f3n de informaci\u00f3n."}], "id": "CVE-2026-24508", "lastModified": "2026-03-16T20:36:45.663", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 1.4, "source": "security_alert@emc.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-11T20:16:14.400", "references": [{"source": "security_alert@emc.com", "tags": ["Vendor Advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000427573/dsa-2026-093"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "security_alert@emc.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,6.12.24.0)"}}], "enrichment": {"confidence": 91.0, "confidence_source": "matching", "scores": [{"score": 91.0, "source": "matching"}]}, "original": {"product": "Alienware Command Center (AWCC)", "source": "cna", "vendor": "Dell"}, "product": "alienware_command_center", "vendor": "dell"}], "analysis": {"en": {"generated_at": "2026-03-20T15:09:04.919422+00:00", "value": {"mitigation_remediation": ["Upgrade Dell Alienware Command Center to version 6.12.24.0 or newer as distributed by Dell.", "If an upgrade is not immediately available, verify that the system\u2019s certificate validation settings are not overridden and that no compromised certificates are used.", "Monitor Dell support resources for any additional patches or advisories."], "summary": {"action": "Patch", "impact": "Information Exposure"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Dell Alienware Command Center (AWCC) versions earlier than 6.12.24.0. In particular, any installation of AWCC before the 6.12.24.0 release on Dell Alienware systems is exposed.", "description_and_impact": "Dell Alienware Command Center (AWCC) prior to version 6.12.24.0 has an improper certificate validation flaw that can lead to the disclosure of sensitive information. The weakness is due to inadequate verification of SSL/TLS certificates during application communication. An attacker who gains local or low level privileges on the affected system can exploit this flaw and access data that should otherwise be protected, resulting in compromise of confidentiality.", "risk_and_exploitability": "The CVSS score of 2.5 indicates a low severity security flaw, and the EPSS score of less than 1% signifies a very low probability of exploitation. This vulnerability is not listed in the CISA KEV catalog, indicating no known large-scale or targeted exploitation. The attack vector is local: an attacker must have at least low privileged access to the machine, so remote exploitation is not possible."}}}}, "created": "2026-03-12T09:56:53.429199+00:00", "title": "Improper Certificate Validation in Dell Alienware Command Center Enables Local Information Exposure", "updated": "2026-03-20T15:29:28.346350+00:00", "vendors": ["dell", "dell$PRODUCT$alienware_command_center"]}