Platform: dell
Component: dell-powerprotect-data-domain
Fixed in: 8.6.0.0
CVE-2026-23776 describes an Improper Certificate Validation vulnerability discovered in Dell PowerProtect Data Domain. This flaw allows a remote, low-privileged attacker to potentially elevate their privileges within the system. The vulnerability impacts versions 7.7.1.0 through 8.5, LTS2025 versions 8.3.1.0 through 8.3.1.20, and LTS2024 versions 7.13.1.0 through 7.13.1.60. Dell has released a patch in version 8.6.0.0 and later.
Successful exploitation of CVE-2026-23776 could allow an attacker to gain unauthorized access and elevated privileges on a Dell PowerProtect Data Domain system. This could lead to data breaches, system compromise, and disruption of critical data protection services. The attacker would need remote access to the system to initiate the certificate validation bypass. The potential impact is significant, as an attacker with elevated privileges could modify or delete data, install malware, or pivot to other systems on the network. This vulnerability highlights the importance of robust certificate validation practices in securing sensitive data environments.
CVE-2026-23776 was publicly disclosed on 2026-04-17. Currently, there are no known public exploits or active campaigns targeting this vulnerability. It is not listed on the CISA KEV catalog as of this writing. The EPSS score is pending evaluation, but the potential for privilege escalation suggests a medium to high probability of exploitation if a suitable exploit is developed and released.
Exploit Status
EPSS: 0.01% (1st percentile)
The primary mitigation for CVE-2026-23776 is to upgrade to Dell PowerProtect Data Domain version 8.6.0.0 or later, which includes the fix. If immediate upgrade is not possible, consider implementing stricter certificate validation policies on the network perimeter to limit the potential attack surface. Review and strengthen existing certificate management practices, ensuring that only trusted certificates are accepted. Monitor system logs for any unusual certificate validation errors or attempts to bypass the validation process. While a WAF or proxy cannot directly address this certificate validation issue, they can help limit exposure by restricting access to the Data Domain system.
Dell has released a security update (DSA-2026-060) for PowerProtect Data Domain. Apply the update to version 8.6.0.0 or later to mitigate the Improper Certificate Validation vulnerability in certificate-based login. Refer to Dell documentation for detailed instructions on how to apply the update.
CVE-2026-23776 is a HIGH severity vulnerability in Dell PowerProtect Data Domain allowing remote attackers to potentially elevate privileges through improper certificate validation.
You are affected if you are running Dell PowerProtect Data Domain versions 7.7.1.0–8.5, LTS2025 versions 8.3.1.0–8.3.1.20, or LTS2024 versions 7.13.1.0–7.13.1.60.
Upgrade to Dell PowerProtect Data Domain version 8.6.0.0 or later to remediate the vulnerability. Consider stricter certificate validation policies as an interim measure.
As of now, there are no known public exploits or active campaigns targeting CVE-2026-23776, but the potential for privilege escalation warrants caution.
Refer to the official Dell Security Advisory for details and further guidance: [https://www.dell.com/support/kbdoc/en-us/000237777/security-update-for-dell-powerprotect-data-domain-improper-certificate-validation-vulnerability]