VDB
CVE-2026-23853
CVE-2026-23853
PUBLISHED
CVSS 8.399999618530273 HIGH
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to the system.
EPSS 0.02% · 4.1th percentile
Risk Scores
CVSS 3.1
8.399999618530273
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.02%
4.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | PowerProtect Data Domain | 0, 0, 0 |
Exploit Intelligence
- CIRCL seen: CVE-2026-23853 (circl-sighting)
- CIRCL seen: CVE-2026-23853 (circl-sighting)
- CIRCL seen: CVE-2026-23853 (circl-sighting)
- CIRCL seen: CVE-2026-23853 (circl-sighting)
- https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities (circl)
Timeline
- Apr 17, 2026 CVE Published
- Apr 17, 2026 PoC Published
- Apr 17, 2026 PoC Published
- Apr 17, 2026 PoC Published
- Apr 17, 2026 PoC Published
- Apr 18, 2026 Security Advisory
- Apr 18, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score