Dell PowerProtect Data Domain
Moderate fix4 remedies
cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:*:*:*
Moderate fix4 remedies
- >= 7.7.1.0, <= 8.4.0.0
- >= 8.3.1.0, <= 8.3.1.10
- >= 7.13.1.0, <= 7.13.1.40
- >= 7.10.1.0, <= 7.10.1.70
Dell PowerProtect Data Domain OS Command Injection Vulnerability
Vulnerability
Patched
A command injection vulnerability has been identified in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS) versions 7.7.1.0 prior to 8.4.0.0, as well as LTS2025 version 8.3.1.10, LTS2024 versions 7.13.1.0 through 7.13.1.40, and LTS2023 versions 7.10.1.0 through 7.10.1.70. This vulnerability allows high-privileged attackers with local access to execute arbitrary commands on the system.
Impact
Exploitation of this vulnerability could lead to unauthorized command execution on the affected system.
Remediation
Users can upgrade to Dell PowerProtect Data Domain OS version 8.5.0.0 or later, version 8.3.1.20 or later, or version 7.13.1.50 or later, depending on their current version. Instructions for upgrading the Data Domain Operating System are available on the Dell Support website.
Added: Jan 9, 2026, 4:28 PM
Updated: Jan 9, 2026, 4:31 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
7.5exploitability
3.0remediation
7.7relevance
2.0threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.