Dell PowerProtect Data Domain remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Please find all Information regarding this issue here:
DSA-2026-278: Security Update for Dell PowerProtect Data Domain Multiple Vulnerabilities | Dell US
Status: Revision 3.0 dated 2026-07-09
Vendor Rating: Critical
Summary: Dell addresses multiple vulnerabilities in PowerProtect Data Domain with DD OS, affecting both Dell-developed code and integrated third-party components. The most critical vulnerabilities are CVE-2026-53483 and CVE-2026-53481. Both can be exploited remotely over the network without authentication, require low attack complexity, and do not require user interaction. According to the Dell Security Advisory DSA-2026-278, successful exploitation could result in complete compromise of the affected system.
Highest CVSS Score: 9.8 (CVSS v3.1)
Priority: Due to the unauthenticated remote vulnerabilities and the critical role of these systems in backup and recovery operations, affected systems should be updated as soon as possible.
Active Exploitation and Proof of Concept: No active exploitation is confirmed in the official sources reviewed. A public proof of concept is also not mentioned. The GitHub Advisory database entries for the two critical CVEs do not list any known public exploit source code.
