Plattform
dell
Komponente
dell-powerprotect-datadomain
Behoben in
8.6.0.0
8.3.1.20
7.13.1.50
CVE-2026-23779 describes a command injection vulnerability discovered in Dell PowerProtect Data Domain. This flaw allows a high-privileged attacker with local access to potentially escalate privileges and gain root-level control over the system. The vulnerability impacts versions 7.7.1.0 through 8.5, LTS2025 versions 8.3.1.0 through 8.3.1.20, and LTS2024 versions 7.13.1.0 through 7.13.1.50. Dell recommends upgrading to version 8.6.0.0 or later to address this security concern.
Successful exploitation of CVE-2026-23779 could allow an attacker with local access to execute arbitrary commands on the Dell PowerProtect Data Domain system with root privileges. This could lead to complete system compromise, data theft, and disruption of services. The ability to execute commands as root provides the attacker with unrestricted access to the entire system, making it a highly critical vulnerability. This is a significant escalation of privilege.
CVE-2026-23779 was published on 2026-04-17. Currently, no public proof-of-concept (POC) exploits are known. The CVSS score of 6.7 (MEDIUM) indicates a moderate potential for exploitation. It is not currently listed on KEV or EPSS, suggesting a low probability of active exploitation at this time.
Organizations heavily reliant on Dell PowerProtect Data Domain for data protection and backup are at significant risk. This includes those with legacy deployments of affected versions, environments with inadequate access controls, and those lacking robust monitoring and patching processes. Shared hosting environments utilizing Data Domain appliances are also particularly vulnerable due to the potential for cross-tenant exploitation.
• linux / server:
journalctl -u dd-os | grep -i "command injection"• linux / server:
ps aux | grep -i "malicious_command"• linux / server:
find / -name "vulnerable_script.sh" -printdisclosure
Exploit-Status
EPSS
0.01% (3% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2026-23779 is to upgrade Dell PowerProtect Data Domain to version 8.6.0.0 or later. Restrict local access to the system to only authorized personnel. Implement strong password policies and multi-factor authentication. Regularly review system logs for suspicious activity. If an upgrade is not immediately possible, consider implementing input validation and sanitization techniques to prevent command injection. After upgrade, verify the fix by attempting to inject commands and confirming they are not executed.
Dell ha publicado una actualización de seguridad (DSA-2026-060) para PowerProtect Data Domain que corrige esta vulnerabilidad de inyección de comandos. Se recomienda aplicar la actualización a la versión 8.6.0.0 o posterior, o a las versiones especificadas en el aviso de seguridad de Dell.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-23779 is a command injection vulnerability affecting Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6.0.0, allowing local attackers to gain root access.
You are affected if your Dell PowerProtect Data Domain is running versions 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.20, or LTS2024 7.13.1.0–7.13.1.50.
Upgrade to Dell PowerProtect Data Domain version 8.6.0.0 or later to remediate the vulnerability. Restrict local access as an interim measure.
As of now, there are no known public exploits or active campaigns targeting CVE-2026-23779, but the potential for exploitation remains.
Refer to the official Dell Security Advisory for CVE-2026-23779 on the Dell Support website (search for the advisory ID related to this CVE).
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.