CVE-2026-23853

Summary

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to the system.

Affected Software

VendorProductVersion RangeStatus
DellPowerProtect Data Domain0 < 8.6.0.0 or lateraffected
DellPowerProtect Data Domain0 < 8.3.1.20 or lateraffected
DellPowerProtect Data Domain0 < 7.13.1.50 or lateraffected
DellPowerProtect Data Domain0 < 2.7.9 with DD OS 8.3.1.30affected

Weaknesses

  • CWE-1391: CWE-1391: Use of Weak Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References