Dell PowerProtect Data Domain
Moderate fix7 remedies
cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:*:*:*
Moderate fix7 remedies
- >= 7.7.1.0, <= 8.5
- >= 8.3.1.0, <= 8.3.1.20
- >= 7.13.1.0, <= 7.13.1.60
Dell PowerProtect Data Domain OS Command Injection Vulnerability Allowing Arbitrary Command Execution
Vulnerability
Patched
A command injection vulnerability has been identified in Dell PowerProtect Data Domain appliances running Data Domain Operating System (DD OS) versions 7.7.1.0 through 8.5, as well as LTS2025 release version 8.3.1.0 through 8.3.1.10 and LTS2024 release versions 7.13.1.0 through 7.13.1.40. This vulnerability allows a high privileged attacker with remote access to execute arbitrary commands on the affected system.
Impact
Exploitation of this vulnerability could lead to unauthorized arbitrary command execution on the affected system.
Remediation
Users can upgrade to Dell PowerProtect Data Domain DD OS version 8.6.1.10, 8.7.0.0 or later, or version 7.13.1.70 or later. Instructions for upgrading the Data Domain Operating System are available on the Dell Support website.
Added: Apr 20, 2026, 4:50 PM
Updated: Apr 20, 2026, 4:50 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
7.5exploitability
4.4remediation
7.7relevance
6.4threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.