CVE-2026-23853HIGH 8.4EPSS p5.4%

CVE-2026-23853CVE-2026-23853

Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to the system.

Scoring

CVSS 3.18.4 (HIGH)
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.16% probability of exploitation · percentile 5.4% · 2026-06-19T12:03:05Z
Published2026-04-17
Last modified2026-05-08

Underlying weaknesses· 1

CWE-1391

References

  1. https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities

1

TypeTargetConfidenceTier
WeaknessUse of Weak Credentialscwe-13910%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-23776
CVE
CVE-2025-36594
CVE
CVE-2026-26944
CVE
CVE-2026-26354
CVE
CVE-2025-29987
CVE
CVE-2026-23857
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.