Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionCVE.org
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
AnalysisAI
Stack-based buffer overflow in Dell PowerProtect Data Domain versions 7.7.1.0-8.6, LTS2025 8.3.1.0-8.3.1.20, and LTS2024 7.13.1.0-7.13.1.60 allows high-privileged local attackers to execute arbitrary commands as root. The vulnerability requires local access and elevated privileges, limiting exposure to insider threats or compromised administrative accounts rather than remote attackers. No public exploit has been identified at time of analysis.
Technical ContextAI
Stack-based buffer overflow (CWE-121) in Dell PowerProtect Data Domain, a deduplication and disaster recovery storage appliance. The vulnerability exists in a code path accessible only to high-privileged local users, meaning the attacker must already possess administrative credentials or have escalated privileges on the system. Stack overflows in C/C++-based storage systems can corrupt return addresses and other stack-resident data structures, enabling control flow hijacking to execute arbitrary code with the privileges of the vulnerable process.
RemediationAI
Apply Dell's security update for PowerProtect Data Domain as specified in DSA-2026-060; consult the advisory for exact patched versions for each release stream (7.x, LTS2024, LTS2025). Patch availability and specific version numbers must be confirmed directly from the Dell advisory as they are not provided in this analysis. As an interim compensating control, restrict administrative account access to PowerProtect Data Domain systems to only users requiring it for backup/recovery operations, implement multi-factor authentication for privileged accounts, and monitor command execution logs for unusual activity from high-privilege sessions. Restrict local console and SSH access to backup appliances to change management jump hosts or out-of-band networks, not direct workstation connections. These controls reduce the risk of an attacker obtaining the high privileges required to exploit this vulnerability.
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default passwor
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute
Dell RecoverPoint for Virtual Machines prior to 6.0.3.1 HF1 contains hardcoded credentials (CVE-2026-22769, CVSS 10.0) t
An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance vers
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not requir
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection
d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote at
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privile
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Stack Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-23914
GHSA-g6r9-7cf4-gwv6