Dell PowerProtect Data Domain OS Command Injection: Root Access Risk
The National Vulnerability Database has detailed CVE-2026-26943, an OS command injection vulnerability impacting Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6, LTS2025 release versions 8.3.1.0 through 8.3.1.20, and LTS2024 release versions 7.13.1.0 through 7.13.1.60. This flaw carries a CVSS score of 7.2 (HIGH).
According to the National Vulnerability Database, a high-privileged attacker with remote network access could exploit this vulnerability. The outcome is arbitrary command execution, granting the attacker root privileges on the affected system. This is a critical risk, as root access on a data protection solution like PowerProtect Data Domain means complete control over backup infrastructure and potentially the data it protects.
CISOs and security teams must prioritize patching Dell PowerProtect Data Domain instances immediately. The attacker’s calculus here is straightforward: compromise a high-value target that controls sensitive backup data. Unpatched systems represent a direct path to data exfiltration, manipulation, or destruction, bypassing many traditional perimeter defenses once inside. Defenders need to ensure that administrative interfaces for such critical systems are segmented and tightly controlled, even beyond patching.
What This Means For You
- If your organization uses Dell PowerProtect Data Domain, this OS command injection vulnerability (CVE-2026-26943) is a critical risk. Immediately identify all affected versions (7.7.1.0-8.6, 8.3.1.0-8.3.1.20, 7.13.1.0-7.13.1.60) and apply the necessary patches provided by Dell. Prioritize network segmentation for these devices and audit administrative access logs for any unusual activity.
Related ATT&CK Techniques
🛡️ Detection Rules
3 rules · 6 SIEM formats3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-26943 - Dell PowerProtect Data Domain OS Command Injection
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-26943 | Command Injection | Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6 |
| CVE-2026-26943 | Command Injection | Dell PowerProtect Data Domain LTS2025 release version 8.3.1.0 through 8.3.1.20 |
| CVE-2026-26943 | Command Injection | Dell PowerProtect Data Domain LTS2024 release versions 7.13.1.0 through 7.13.1.60 |
| CVE-2026-26943 | RCE | Arbitrary command execution with root privileges |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 20, 2026 at 20:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related Posts
CVE-2026-41389 — OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce
CVE-2026-41389 — OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can...
CVE-2026-39112 — Cross Site Scripting vulnerability in Apartment Visitors
CVE-2026-39112 — Cross Site Scripting vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the visname parameter of visitors-form.php. An authenticated attacker...
Unauthenticated SQLi in Apartment Visitors Management System
CVE-2026-39111 — SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page (forgot-password.php)....