Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Local-only attack vector and high-privilege requirement confirmed by description; confidentiality-only impact because link following enables unauthorized file reads with no write or availability consequence.
Primary rating from Vendor (dell).
CVSS Vector (Vendor: dell)
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Description (CVE.org)
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access ('link following') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access.
Analysis (AI)
Link-following exploitation in Dell PowerProtect Data Domain enables a high-privileged local attacker to read files outside their intended access scope by manipulating symbolic or hard links before file access operations resolve them. Multiple release trains are affected: mainline 7.7.1.0 through 8.6, LTS2026 8.6.1.10 and below, LTS2025 8.3.1.30 and below, and LTS2024 7.13.1.70 and below. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | Exploitation requires two concrete prerequisites: (1) local access to the Dell PowerProtect Data Domain appliance (the CVSS AV:L metric confirms this is not remotely exploitable over a network); and (2) a high-privilege account on the system (PR:H), such as an administrative or root-equivalent role. … |
| Risk Assessment | The CVSS 3.1 base score of 4.4 (Medium) with vector AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N is internally consistent and accurately reflects the constrained threat model: local-only attack vector, high privilege prerequisite, and impact limited to confidentiality with no integrity or availability consequence. … |
| Exploit Scenario | An attacker with an existing high-privileged local account on the Data Domain appliance (for example, a compromised administrator credential or a rogue insider) creates a symbolic link at a path that a privileged Data Domain process is expected to access during a management or backup operation. When the vulnerable process follows the link without resolving and validating the canonical path, it reads the attacker-specified target file, potentially exposing sensitive configuration data, credentials, or backup metadata. … |
| Remediation | Apply the Dell-released security updates documented in advisory DSA-2026-278 (https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities). … |
Weakness: CWE-59 – Improper Link Resolution Before File Access
EUVD-2026-41532
GHSA-72f3-wx74-78wc