CVE-2025-36594: CWE-290: Authentication Bypass by Spoofing in Dell PowerProtect Data Domain Feature Release

Severity: Critical
Tags: Vulnerability, CVE-2025-36594, cve, cve-2025-36594, cwe-290
Published: Mon Aug 04 2025 (08/04/2025, 14:25:56 UTC)
Source: CVE Database V5
Vendor/Project: Dell
Product: PowerProtect Data Domain Feature Release

Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024 release versions 7.13.1.0 through 7.13.1.25, and LTS2023 release versions 7.10.1.0 through 7.10.1.60 contains an Authentication Bypass by Spoofing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass. A remote unauthenticated user can create an account, which could potentially expose customer info and affect system integrity and availability.
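For asset triage against the ranges listed above, the following added example (not code from Dell or from this page) checks a DD OS version inventory. The hostnames and sample versions are constructed, and the rule that 7.10.1.x and 7.13.1.x builds are judged only against their own LTS range, even though they fall numerically inside the Feature Release span, is an assumption of the example.

```python
# Added example. Ranges come from the Description; judging 7.10.1.x / 7.13.1.x
# builds only against their own LTS range is an assumption, not vendor guidance.
RANGES = {
    "LTS2023": ((7, 10, 1, 0), (7, 10, 1, 60)),
    "LTS2024": ((7, 13, 1, 0), (7, 13, 1, 25)),
    "Feature Release": ((7, 7, 1, 0), (8, 3, 0, 15)),
}
LTS_PREFIX = {(7, 10, 1): "LTS2023", (7, 13, 1): "LTS2024"}

# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("dd-backup-01", "7.10.1.60"),
    ("dd-backup-02", "7.10.1.61"),
    ("dd-backup-03", "8.3.0.15"),
    ("dd-backup-04", "7.13"),
]


def parse_version(text):
    """Parse a four-field DD OS version such as '7.13.1.25' into a tuple."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdecimal() for p in parts):
        raise ValueError(f"expected four numeric fields, got {text!r}")
    return tuple(int(p) for p in parts)


def classify(version_text):
    """Return (release_train, in_listed_affected_range)."""
    version = parse_version(version_text)
    train = LTS_PREFIX.get(version[:3], "Feature Release")
    low, high = RANGES[train]
    return train, low <= version <= high


def triage(inventory):
    """Label every (host, version) pair; unparseable versions need a human."""
    rows = []
    for host, version_text in inventory:
        try:
            train, hit = classify(version_text)
            status = "AFFECTED" if hit else "not in listed range"
        except ValueError:
            train, status = "unknown", "CHECK MANUALLY"
        rows.append((host, version_text, train, status))
    return rows


if __name__ == "__main__":
    for row in triage(INVENTORY):
        print("{:<14}{:<12}{:<17}{}".format(*row))
```

A result of "not in listed range" only means the version is outside the ranges this page lists; confirm remediation status against the vendor advisory.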

AI-Powered Analysis

Last updated: 08/04/2025, 15:02:43 UTC

Technical Analysis

CVE-2025-36594 is a critical authentication bypass vulnerability affecting Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS) versions from Feature Release 7.7.1.0 through 8.3.0.15, as well as LTS2024 and LTS2023 releases within specified version ranges. The vulnerability is classified under CWE-290, indicating an authentication bypass by spoofing. An unauthenticated remote attacker with network access to the affected system can exploit this flaw to bypass authentication mechanisms entirely. This allows the attacker to create unauthorized accounts on the system, potentially exposing sensitive customer information, compromising system integrity, and impacting availability. The vulnerability has a CVSS v3.1 base score of 9.8 (critical), reflecting its high impact on confidentiality, integrity, and availability, combined with ease of exploitation (no privileges or user interaction required). Although no known exploits are currently reported in the wild, the severity and nature of the flaw make it a significant risk. The lack of available patches at the time of publication further increases exposure. The vulnerability undermines the core protection mechanisms of Dell PowerProtect Data Domain, a widely used enterprise backup and data protection solution, potentially allowing attackers to manipulate backup data, exfiltrate sensitive information, or disrupt backup operations critical for business continuity.

Potential Impact

For European organizations, the impact of this vulnerability is substantial due to the widespread use of Dell PowerProtect Data Domain in enterprise backup infrastructures across sectors such as finance, healthcare, government, and critical infrastructure. Exploitation could lead to unauthorized access to backup repositories containing sensitive personal and corporate data, violating GDPR and other data protection regulations, resulting in legal and financial penalties. Integrity compromise could allow attackers to alter or delete backup data, undermining disaster recovery capabilities and potentially causing prolonged downtime. Availability impacts could disrupt backup and restore operations, affecting business continuity and operational resilience. Given the criticality of backup systems in maintaining data integrity and availability, this vulnerability poses a direct threat to the security posture and regulatory compliance of affected organizations in Europe.

Mitigation Recommendations

Immediate mitigation steps include restricting network access to Dell PowerProtect Data Domain systems to trusted management networks only, employing network segmentation and strict firewall rules to limit exposure. Organizations should implement multi-factor authentication and monitor for anomalous account creation or access patterns. Since no patches are currently available, deploying intrusion detection/prevention systems (IDS/IPS) with signatures or heuristics to detect suspicious authentication bypass attempts is advisable. Regularly auditing system logs for unauthorized access attempts and account creations can help with early detection. Organizations should engage with Dell support for updates on patch availability and apply security updates promptly once released. Additionally, implementing compensating controls such as enhanced monitoring, strict access controls, and incident response readiness will reduce risk until a permanent fix is deployed.

Technical Details

Data Version: 5.1
Assigner Short Name: dell
Date Reserved: 2025-04-15T21:32:11.413Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6890c80aad5a09ad00e1d6d0

Added to database: 8/4/2025, 2:47:38 PM

Last enriched: 8/4/2025, 3:02:43 PM

Last updated: 8/4/2025, 3:47:38 PM
