Skip to main content

PowerProtect Data Domain CVE-2026-46468

| EUVDEUVD-2026-41542 MEDIUM
Improper Link Resolution Before File Access (CWE-59)
2026-07-03 security_alert@emc.com GHSA-fpc8-735f-w5qv
4.4
CVSS 3.1 · Vendor: emc
Share

Severity by source

Vendor (emc) PRIMARY
4.4 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
4.4 MEDIUM

Local access and high privileges required to plant symlinks; only confidentiality is impacted as no write or availability effect is described.

3.1 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.0 AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (emc).

CVSS VectorVendor: emc

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Patch available
Jul 03, 2026 - 14:01 EUVD
Analysis Generated
Jul 03, 2026 - 13:31 vuln.today

DescriptionCVE.org

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access ('Link following') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.

AnalysisAI

Dell PowerProtect Data Domain exposes sensitive file content to high-privileged local attackers through a symlink-following flaw (CWE-59), where the application fails to validate link targets before file access. Affected versions span multiple release trains including the current 8.x mainline and LTS branches. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain high-privileged local shell on Data Domain
Delivery
Identify directory traversed by privileged process
Exploit
Plant symbolic link pointing to sensitive target file
Execution
Trigger or await vulnerable process file access
Impact
Read exposed sensitive file contents

Vulnerability AssessmentAI

Exploitation Exploitation requires an attacker to already possess high-privileged (PR:H) local access to the Data Domain appliance - specifically, a shell-level account with sufficient OS permissions to create symbolic links in directories used by the vulnerable application. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 4.4 (Medium) with vector AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N accurately reflects the constrained threat model: exploitation requires physical or remote shell access with high OS-level privileges, which significantly limits the attacker pool. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local administrator or backup operator with an elevated shell session on the Data Domain appliance creates a symbolic link in a directory traversed by a privileged system process, redirecting file access to a sensitive target such as an internal configuration file containing credentials or encryption key references. When the vulnerable process accesses the symlink target without validation, its contents are exposed to the attacker. …
Remediation Apply the vendor-released patches documented in Dell DSA-2026-278 (https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities); the advisory covers all affected LTS and mainline release trains. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-29987 HIGH
8.8 Apr 03

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficie

CVE-2026-56086 HIGH
8.8 Jul 08

Improper authorization enforcement in Dell PowerProtect Data Domain (versions 7.7.1.0 through 8.6, plus LTS branches 8.6

CVE-2024-37140 HIGH
8.8 Jun 26

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an OS command injection v

CVE-2024-29176 HIGH
8.8 Jun 26

Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. Ra

CVE-2026-53482 HIGH
7.5 Jul 08

Denial of service in Dell PowerProtect Data Domain (DDOS versions 7.7.1.0 through 8.7, plus LTS2026 8.6.1.0-8.6.1.10, LT

CVE-2024-45759 HIGH
7.3 Nov 08

Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of

CVE-2024-48010 HIGH
7.2 Nov 08

Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerab

CVE-2026-41122 HIGH
7.1 Jul 08

Stored cross-site scripting in Dell PowerProtect Data Domain (DD OS 7.7.1.0 through 8.7, plus the LTS2026 8.6.1.x, LTS20

CVE-2024-37138 MEDIUM
6.8 Jun 26

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path t

CVE-2026-54483 MEDIUM
6.7 Jul 03

OS command injection in Dell PowerProtect Data Domain enables a high-privileged local attacker to execute arbitrary oper

CVE-2026-26355 MEDIUM
6.5 Jul 03

OS command injection in Dell PowerProtect Data Domain across four version release trains allows a high-privileged remote

CVE-2025-46645 MEDIUM
6.5 Jan 09

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.

Share

CVE-2026-46468 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy