Skip to main content

PowerProtect Data Domain CVE-2026-54483

| EUVDEUVD-2026-41536 MEDIUM
OS Command Injection (CWE-78)
2026-07-03 security_alert@emc.com GHSA-jcxg-c4c8-fvg9
6.7
CVSS 3.1 · Vendor: emc
Share

Severity by source

Vendor (emc) PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
6.7 MEDIUM

Local vector and high privilege requirement reflect CLI/shell access by admin; full C/I/A impact warranted by arbitrary OS command execution on the appliance.

3.1 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (emc).

CVSS VectorVendor: emc

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Patch available
Jul 03, 2026 - 14:01 EUVD
Analysis Generated
Jul 03, 2026 - 13:32 vuln.today

DescriptionCVE.org

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

AnalysisAI

OS command injection in Dell PowerProtect Data Domain enables a high-privileged local attacker to execute arbitrary operating system commands on the backup appliance, achieving full command execution within the Data Domain OS (DDOS). The flaw spans the general release track (7.7.1.0-8.6) and three LTS streams (LTS2024, LTS2025, LTS2026), indicating a shared vulnerable code path across a wide version surface. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain high-privileged DDOS admin credentials
Delivery
Authenticate to local management CLI or shell interface
Exploit
Submit crafted input with OS command injection payload
Execution
DDOS interpolates input into shell command without sanitization
Persist
Execute arbitrary OS commands with process-level privileges
Impact
Access or exfiltrate backup data / persist on appliance

Vulnerability AssessmentAI

Exploitation Exploitation requires two concrete prerequisites: (1) high-privileged (PR:H) authenticated access to the appliance, consistent with an administrative account or equivalent privileged role within DDOS, as confirmed by the CVSS vector; and (2) local access (AV:L), meaning the attacker must have an authenticated local session - physical console, SSH, or equivalent - rather than exploiting an exposed unauthenticated network service. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor-assigned CVSS 6.7 score accurately reflects the constrained exploitability profile: local attack vector (AV:L) combined with high-privilege requirement (PR:H) means an attacker must already possess admin-level authenticated access before exploitation is possible. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained high-privileged credentials to a Dell PowerProtect Data Domain appliance - through insider access, credential theft, or as part of a broader compromise chain - authenticates to the DDOS management CLI or local shell interface. The attacker submits a crafted input string containing injected OS command sequences (e.g., via semicolons, backticks, or shell metacharacters) to a vulnerable command-processing function. …
Remediation Apply the vendor-supplied patch as documented in Dell advisory DSA-2026-278 (https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities). … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-29987 HIGH
8.8 Apr 03

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficie

CVE-2026-56086 HIGH
8.8 Jul 08

Improper authorization enforcement in Dell PowerProtect Data Domain (versions 7.7.1.0 through 8.6, plus LTS branches 8.6

CVE-2024-37140 HIGH
8.8 Jun 26

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an OS command injection v

CVE-2024-29176 HIGH
8.8 Jun 26

Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. Ra

CVE-2026-53482 HIGH
7.5 Jul 08

Denial of service in Dell PowerProtect Data Domain (DDOS versions 7.7.1.0 through 8.7, plus LTS2026 8.6.1.0-8.6.1.10, LT

CVE-2024-45759 HIGH
7.3 Nov 08

Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of

CVE-2024-48010 HIGH
7.2 Nov 08

Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerab

CVE-2026-41122 HIGH
7.1 Jul 08

Stored cross-site scripting in Dell PowerProtect Data Domain (DD OS 7.7.1.0 through 8.7, plus the LTS2026 8.6.1.x, LTS20

CVE-2024-37138 MEDIUM
6.8 Jun 26

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path t

CVE-2026-26355 MEDIUM
6.5 Jul 03

OS command injection in Dell PowerProtect Data Domain across four version release trains allows a high-privileged remote

CVE-2025-46645 MEDIUM
6.5 Jan 09

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.

CVE-2024-48011 MEDIUM
6.5 Nov 08

Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor

Share

CVE-2026-54483 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy