
PowerProtect Data Domain CVE-2026-46730

EUVD-2026-41540 · MEDIUM
Incorrect Authorization (CWE-863)
2026-07-03 · security_alert@emc.com · GHSA-vgwp-j4mh-9wxr
CVSS 3.1 base score 4.2 · Vendor: emc

Severity by source

Vendor (emc), primary: 4.2 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

vuln.today AI: 4.2 MEDIUM

Local-only vector and high privileges required reflect an admin-tier authorization bypass on a managed appliance; limited and equal C/I/A impact matches unauthorized command execution that stays confined to the appliance itself (scope unchanged).

CVSS 3.1: AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CVSS 4.0: AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (emc).

CVSS Vector (Vendor: emc)

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Lifecycle Timeline

Patch available: Jul 03, 2026 - 14:01 (EUVD)
Analysis generated: Jul 03, 2026 - 13:32 (vuln.today)

Description (CVE.org)

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized command execution.

Analysis (AI)

Incorrect authorization in Dell PowerProtect Data Domain permits a high-privileged local attacker to execute commands outside their authorized scope across a broad span of affected versions covering the main release line and all three active LTS branches. The root cause (CWE-863) indicates the appliance's Data Domain OS fails to enforce authorization boundaries correctly for certain operations accessible to already-elevated users, enabling privilege escalation within an authenticated administrative session. …


Attack Chain (AI derived)

Hypothetical attack flow derived from CVE metadata

Access: Gain local appliance access with high-privilege credentials
Delivery: Identify a command restricted by authorization policy
Exploit: Submit the request through the authorization-bypass path in DDOS
Execution: Execute the unauthorized command on Data Domain OS
Impact: Achieve limited confidentiality, integrity, or availability impact

Vulnerability Assessment (AI)

Exploitation: Exploitation requires two concrete and non-trivial prerequisites: (1) local access to the Dell PowerProtect Data Domain appliance, either via a physical console or an established interactive session on the Data Domain OS, and (2) an account that already holds high privileges (confirmed by CVSS PR:H) on that system. …
Risk Assessment: The CVSS 3.1 vector AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L, yielding 4.2 (Medium), accurately captures the constrained threat model. …
Exploit Scenario: A malicious insider, or an attacker who has compromised an administrator account, gains local access to a Dell PowerProtect Data Domain appliance running an affected DDOS version and leverages the incorrect authorization flaw to invoke a privileged command that the policy for their high-privilege role should restrict. Because the appliance does not correctly enforce intra-tier authorization boundaries, the command executes successfully, potentially allowing alteration of backup policies, access to protected recovery data, or disruption of deduplication services. …
Remediation: Apply the patches detailed in Dell Security Advisory DSA-2026-278 (https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities). …



CVE-2026-46730 vulnerability details – vuln.today