CVE-2026-34883: n/a
An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily_07Feb11.edr to C:\ProgramData\Portrait Displays\CW\data\i1D3\ while running with elevated privileges. Because the installer does not properly validate symbolic links or reparse points at the destination path, an attacker can create a malicious link that redirects the write operation to an arbitrary system location, enabling arbitrary file creation or overwrite with elevated privileges.
AI Analysis
Technical Summary
The vulnerability in Portrait Dell Color Management application before version 3.7.0 involves improper validation of symbolic links during installation on Windows. The installer writes the file CCFLFamily_07Feb11.edr to a system directory while running with elevated privileges but does not verify if the destination path is a symbolic link or reparse point. An attacker with local low privileges can exploit this by creating a malicious symbolic link that causes the installer to write or overwrite arbitrary files with administrator privileges, leading to privilege escalation.
Potential Impact
A local attacker with low privileges can escalate to administrator privileges by exploiting the symbolic link vulnerability during the installation process. This could allow arbitrary file creation or overwriting critical system files, potentially compromising system integrity and security. There are no reports of exploitation in the wild so far.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, avoid running the vulnerable installer on systems where untrusted users have local access. Monitor vendor communications for updates and apply patches promptly once available.
CVE-2026-34883: n/a
Description
An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily_07Feb11.edr to C:\ProgramData\Portrait Displays\CW\data\i1D3\ while running with elevated privileges. Because the installer does not properly validate symbolic links or reparse points at the destination path, an attacker can create a malicious link that redirects the write operation to an arbitrary system location, enabling arbitrary file creation or overwrite with elevated privileges.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability in Portrait Dell Color Management application before version 3.7.0 involves improper validation of symbolic links during installation on Windows. The installer writes the file CCFLFamily_07Feb11.edr to a system directory while running with elevated privileges but does not verify if the destination path is a symbolic link or reparse point. An attacker with local low privileges can exploit this by creating a malicious symbolic link that causes the installer to write or overwrite arbitrary files with administrator privileges, leading to privilege escalation.
Potential Impact
A local attacker with low privileges can escalate to administrator privileges by exploiting the symbolic link vulnerability during the installation process. This could allow arbitrary file creation or overwriting critical system files, potentially compromising system integrity and security. There are no reports of exploitation in the wild so far.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, avoid running the vulnerable installer on systems where untrusted users have local access. Monitor vendor communications for updates and apply patches promptly once available.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-03-31T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a0c757aec166c07b0b402a2
Added to database: 5/19/2026, 2:36:42 PM
Last enriched: 5/19/2026, 2:52:14 PM
Last updated: 5/19/2026, 3:54:01 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.