Platform: dell
Component: dell-powerprotect-datadomain
Fixed in: 8.6.0.0, 8.3.1.20, 7.13.1.50
CVE-2026-23779 describes a command injection vulnerability discovered in Dell PowerProtect Data Domain. This flaw allows a high-privileged attacker with local access to potentially escalate privileges and gain root-level control over the system. The vulnerability impacts versions 7.7.1.0 through 8.5, LTS2025 versions 8.3.1.0 through 8.3.1.20, and LTS2024 versions 7.13.1.0 through 7.13.1.50. Dell recommends upgrading to version 8.6.0.0 or later to address this security concern.
Successful exploitation of CVE-2026-23779 could grant an attacker root-level access to the affected Dell PowerProtect Data Domain system. This level of access provides complete control over the system, enabling the attacker to modify data, install malicious software, disrupt operations, and potentially pivot to other systems within the network. The impact is particularly severe given the Data Domain's role in data protection and backup, as an attacker could compromise sensitive data and disrupt recovery processes. The ability to gain root access mirrors the potential impact of other privilege escalation vulnerabilities, allowing for broad and unrestricted system control.
CVE-2026-23779 was publicly disclosed on 2026-04-17. Currently, there are no known public exploits or active campaigns targeting this vulnerability. The vulnerability is not listed on the CISA KEV catalog as of this writing. The potential for exploitation remains, especially given the ease of local access required, and organizations should prioritize patching to mitigate the risk.
Organizations heavily reliant on Dell PowerProtect Data Domain for data protection and backup are at significant risk. This includes those with legacy deployments of affected versions, environments with inadequate access controls, and those lacking robust monitoring and patching processes. Shared hosting environments utilizing Data Domain appliances are also particularly vulnerable due to the potential for cross-tenant exploitation.
• linux / server:
journalctl -u dd-os | grep -i "command injection"
• linux / server:
ps aux | grep -i "malicious_command"
• linux / server:
find / -name "vulnerable_script.sh" -print
EPSS: 0.01% (percentile: 3%)
The primary mitigation for CVE-2026-23779 is to upgrade Dell PowerProtect Data Domain to version 8.6.0.0 or later, as this version contains the necessary fix. If an immediate upgrade is not feasible, consider restricting local access to the Data Domain appliance to only authorized personnel. Implement strong authentication and access controls to minimize the risk of a high-privileged attacker exploiting the vulnerability. While a direct WAF rule is unlikely to be effective against this type of vulnerability, reviewing and hardening the system's configuration to minimize potential attack vectors is recommended. After upgrading, verify the fix by attempting to execute commands through vulnerable interfaces and confirming that they are properly sanitized.
Dell has published a security update (DSA-2026-060) for PowerProtect Data Domain that fixes this command injection vulnerability. Applying the update to version 8.6.0.0 or later, or to the versions specified in Dell's security advisory, is recommended.
CVE-2026-23779 is a command injection vulnerability affecting Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6.0.0, allowing local attackers to gain root access.
You are affected if your Dell PowerProtect Data Domain is running versions 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.20, or LTS2024 7.13.1.0–7.13.1.50.
Upgrade to Dell PowerProtect Data Domain version 8.6.0.0 or later to remediate the vulnerability. Restrict local access as an interim measure.
As of now, there are no known public exploits or active campaigns targeting CVE-2026-23779, but the potential for exploitation remains.
Refer to the official Dell Security Advisory for CVE-2026-23779 on the Dell Support website (search for the advisory ID related to this CVE).