Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
High privilege required for network exploitation; partial memory read warrants C:L, service crash warrants A:H, no integrity impact applies.
Primary rating from Vendor (dell).
CVSS Vector (Vendor: dell)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
Lifecycle Timeline
Description (CVE.org)
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain a use of externally-controlled format string vulnerability. A high-privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure and denial of service.
Analysis (AI)
Format string exploitation in Dell PowerProtect Data Domain enables remote high-privileged attackers to disclose memory contents and crash the service across multiple concurrent release trains. Affected versions span the mainline (7.7.1.0-8.7), LTS2026 (8.6.1.0-8.6.1.10), LTS2025 (8.3.1.0-8.3.1.30), and LTS2024 (7.13.1.0-7.13.1.70) branches, creating broad organizational exposure for enterprises running any supported Data Domain release. …
Attack Chain (AI-derived)
Hypothetical attack flow derived from CVE metadata
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires the attacker to hold high-privileged (administrative) credentials on the target Dell PowerProtect Data Domain system, as confirmed by the CVSS PR:H metric - unauthenticated or low-privilege users cannot exploit this vulnerability. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score of 5.5 (Medium) accurately reflects the real-world risk ceiling imposed by the PR:H requirement: exploitation demands pre-existing high-privileged remote access, meaning the threat model is a compromised admin account or a malicious insider with elevated credentials. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with stolen or legitimate high-privileged administrative credentials connects to a Dell PowerProtect Data Domain management interface over the network and submits a crafted input string containing format specifiers such as %x or %s through an administrative command or API parameter. The application passes the unsanitized input directly to a format function, causing the process to read and return stack or heap memory contents - potentially exposing credentials, keys, or internal state - or to crash, taking the Data Domain deduplication and backup service offline. … |
| Remediation | Apply the vendor-released patches documented in Dell Security Advisory DSA-2026-278 at https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities; exact fixed version numbers are specified in that advisory and were not independently confirmed from the input data provided. … Detailed patch versions, workarounds, and compensating controls in full report. |
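The scenario above describes the generic CWE-134 pattern: untrusted text reaches a printf-family call as the format argument rather than as data. The following C is an added illustration written for this page, not Dell's code; the page says nothing about the product's actual input path or source, so the function names, the sample input and the buffer sizes are all constructed. It shows the vulnerable shape for contrast (as a comment, so it is never executed) beside two defensive forms: a constant format string with the untrusted value passed through `%s`, and a validator/escaper for text that must later be handed to an API whose format you do not control (for example a logging wrapper that forwards the message as the format).

```c
/* Added example for CWE-134 (use of externally-controlled format string).
 * Illustrative only: not Dell's code, no assumption about the product's internals. */
#include <stdio.h>
#include <string.h>

/* Vulnerable shape, kept as a comment so it is never compiled or run:
 *
 *     void log_event_vulnerable(const char *untrusted) {
 *         printf(untrusted);   // CWE-134: "%x"/"%s" in the input drive printf to
 *     }                        // read variadic memory it was never given, or crash
 */

/* Hardened form 1: the format string is a compile-time constant and the untrusted
 * text is only ever an argument to "%s", so any '%' it contains is inert.
 * Returns what snprintf returns (the length the full line would have). */
int log_event_safe(char *out, size_t out_len, const char *untrusted) {
    return snprintf(out, out_len, "event: %s", untrusted);
}

/* Hardened form 2, defence in depth: detect '%' before the text reaches any
 * format-consuming API you do not control. Returns 1 if a directive could be
 * present, 0 otherwise. Useful as an input-validation or detection hook. */
int contains_format_directive(const char *s) {
    return strchr(s, '%') != NULL;
}

/* Copies untrusted text for later use by a format-consuming API, doubling each
 * '%' so it prints literally ("%%"). Returns the output length, or -1 if the
 * destination buffer is too small (the caller must treat -1 as a hard failure). */
int escape_percent(const char *in, char *out, size_t out_len) {
    if (out_len == 0) return -1;
    size_t j = 0;
    for (size_t i = 0; in[i] != '\0'; i++) {
        size_t need = (in[i] == '%') ? 2 : 1;
        if (j + need >= out_len) return -1;   /* keep room for the terminator */
        out[j++] = in[i];
        if (in[i] == '%') out[j++] = '%';
    }
    out[j] = '\0';
    return (int)j;
}

int main(void) {
    /* Constructed sample: an admin-supplied parameter carrying the specifiers
     * named in the assessment (%x, %s). */
    const char *sample = "backup-job-%x-%s";
    char line[128], escaped[128];

    log_event_safe(line, sizeof line, sample);
    printf("safe log line  : %s\n", line);   /* specifiers appear literally */
    printf("directive seen : %d\n", contains_format_directive(sample));
    if (escape_percent(sample, escaped, sizeof escaped) >= 0)
        printf("escaped copy   : %s\n", escaped);
    return 0;
}
```

In a review of code that logs or echoes administrative input, the practical check is simple: every printf-, syslog- and snprintf-style call must have a string literal in the format position. The validator and escaper are a second layer for paths where the literal cannot be enforced at the call site, and `contains_format_directive` doubles as a cheap detection signal when run over inbound management-API parameters.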
Same weakness: CWE-134 – Use of Externally-Controlled Format String
Same technique: Denial of Service
EUVD-2026-41545
GHSA-7453-m98r-24j9