High severity8.4NVD Advisory· Published Apr 17, 2026· Updated May 8, 2026

CVE-2026-23853

Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to the system.

Affected products

Dell/Powerprotect Dp Series Appliance
cpe:2.3:a:dell:powerprotect_dp_series_appliance:*:*:*:*:*:*:*:*
Range: <2.7.9
Dell/Data Domain Operating System
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
Range: >=7.7.1.0,<7.13.1.60

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilitiesnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.546
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000