CVE-2026-46730
MediumCVSS 4.2Summary
A vulnerability in Dell PowerProtect Data Domain allows unauthorized command execution by a local attacker with high privileges. The issue stems from incorrect authorization in the system.
Risk Assessment
An attacker with local access and high privileges can execute unauthorized commands, potentially compromising data integrity and confidentiality within the organization.
Recommendation
Immediately update Dell PowerProtect Data Domain to the latest available version as per vendor recommendations. Also restrict local access to the system to trusted administrators only.
Original NVD description (English source)
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized command execution.

