CVE-2026-44268
MediumCVSS 4.4Summary
A vulnerability in Dell PowerProtect Data Domain involves incorrect permission assignment for a critical resource. This flaw could be exploited by a local attacker with high privileges, leading to unauthorized access.
Risk Assessment
The risk involves potential privilege escalation by a privileged attacker, which could result in control over critical system resources and compromise data confidentiality.
Recommendation
It is recommended to immediately apply security patches provided by the vendor for affected versions and restrict local system access to trusted administrators only.
Original NVD description (English source)
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect permission Assignment for critical resource vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access.

