VDB

CVE-2025-36568

CVE-2025-36568 PUBLISHED CVSS 7.800000190734863 HIGH

Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an insufficiently protected credentials vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to credential exposure. The attacker may be able to use the exposed credentials to access the system with privileges of the compromised account.

EPSS 0.01% · 0.5th percentile

Risk Scores

CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
0.01%
0.5th percentile

Affected Products

VendorProductVersions
DellPowerProtect Data Domain BoostFS0, 0, 0

Timeline

  • Apr 17, 2026 CVE Published
  • Apr 17, 2026 PoC Published
  • Apr 17, 2026 PoC Published
  • Apr 18, 2026 Security Advisory
  • Apr 18, 2026 CVE Updated
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›