CVE-2025-43890: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release
CVE-2025-43890 is an OS command injection vulnerability in Dell PowerProtect Data Domain with DD OS versions 7.7.1.0 through 8.3.0.15 and certain LTS releases. A high-privileged local attacker can exploit this flaw to execute arbitrary OS commands, potentially escalating privileges to root. The vulnerability arises from improper neutralization of special elements in OS commands (CWE-78). It requires local access and high privileges but does not need user interaction.
AI Analysis
Technical Summary
CVE-2025-43890 is an OS command injection vulnerability (CWE-78) in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS) versions 7.7.1.0 through 8.3.0.15, including builds on the LTS2025, LTS2024 and LTS2023 long-term support lines. Input that reaches an OS command is not properly neutralized, so an attacker who already holds a high-privileged account can inject additional shell commands and have them run with the privileges of the vulnerable component, potentially root. In CVSS terms the attack vector is Local, which means the attacker needs an authenticated session on the appliance (for example an administrative login to the DD OS command line over SSH) rather than physical access; high privileges are required and no user interaction is needed. The CVSS v3.1 base score is 6.7 (Medium), which is consistent with those preconditions combined with high confidentiality, integrity and availability impact. The practical concern is that DD OS administrators normally work inside a restricted command-line interface; a command injection in that interface is a way to escape to an unrestricted shell on the underlying operating system, which defeats the appliance's privilege separation and exposes every backup it holds. No public exploit had been reported at the time of analysis, and the severity is Medium rather than Critical, but because the affected product is a widely deployed enterprise backup target the fix should still be scheduled promptly.
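To make the CWE-78 mechanism concrete, the following is an added, generic example of the pattern beside its hardened form. It is not Dell's code and does not show how CVE-2025-43890 is triggered in DD OS; the `ping` wrapper, the hostnames and the payloads are constructed for the demonstration, and the tokenizer only approximates how `/bin/sh` splits a command line.

```python
"""Generic CWE-78 illustration: the unsafe pattern beside a hardened one.

Added example for this advisory, not Dell's code; it does not show how
CVE-2025-43890 is actually triggered in DD OS. The `ping` wrapper and the
hostnames are constructed for the demonstration.
"""
from __future__ import annotations

import re
import shlex
from typing import List

# Shell control operators that end one simple command and start another.
_SEPARATORS = {";", "&&", "||", "|", "&"}


def vulnerable_command(hostname: str) -> str:
    """Build the command by string formatting: the CWE-78 pattern.

    If the result is run with subprocess.run(cmd, shell=True), /bin/sh
    parses the whole string, so metacharacters in `hostname` are honoured.
    """
    return f"ping -c 1 {hostname}"


def injected_commands(hostname: str) -> List[str]:
    """Names of the commands /bin/sh would run for vulnerable_command().

    shlex with punctuation_chars=True keeps ';', '&&', '|' etc. as separate
    tokens, so splitting on them approximates how the shell sees command
    boundaries. One intended command should yield exactly one name.
    """
    lexer = shlex.shlex(vulnerable_command(hostname), posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    names, expect_name = [], True
    for tok in lexer:
        if tok in _SEPARATORS:
            expect_name = True
        elif expect_name:
            names.append(tok)
            expect_name = False
    return names


# Hardened form: strict allow-list validation, then an argv list (no shell).
_HOSTNAME_RE = re.compile(
    r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def hardened_command(hostname: str) -> List[str]:
    """Return an argv list for subprocess.run(argv) with shell=False.

    The argv form stops the shell from interpreting metacharacters, but it
    does not stop *argument* injection (a value starting with '-' becomes an
    option to ping), so the allow-list also rejects a leading '-'.
    """
    if len(hostname) > 253 or not _HOSTNAME_RE.fullmatch(hostname):
        raise ValueError(f"rejected hostname: {hostname!r}")
    return ["ping", "-c", "1", hostname]


def is_rejected(hostname: str) -> bool:
    """True when the hardened path refuses the value."""
    try:
        hardened_command(hostname)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    payload = "backup01.example.net; id"
    print("vulnerable string :", vulnerable_command(payload))
    print("shell would run   :", injected_commands(payload))
    print("hardened rejects  :", is_rejected(payload))
    print("hardened argv     :", hardened_command("backup01.example.net"))
```

The two defenses are deliberately layered: the argv list removes the shell from the path entirely, and the allow-list keeps a hostile value from becoming an option or reaching any downstream component that might still pass it to a shell.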
Potential Impact
For European organizations, exploitation of CVE-2025-43890 could lead to unauthorized access to sensitive backup data, disruption of backup and recovery operations, and full compromise of the appliance through root-level privilege escalation. The consequences are data breaches, loss of backup integrity (including the ability to tamper with or delete the copies an organization would rely on during recovery), and downtime that affects business continuity. Organizations in finance, healthcare, government and critical infrastructure that depend on Dell PowerProtect Data Domain for data protection are particularly exposed. Because exploitation requires an already-privileged local account, the flaw is not directly reachable by unauthenticated remote attackers; its value is to an insider, or to an attacker who has already obtained administrator credentials (for example through phishing or credential reuse) and wants to move from the appliance's administrative interface to unrestricted control of the underlying system. The impact on confidentiality, integrity and availability is high, which can affect compliance with data protection regulations such as GDPR and lead to reputational damage and financial penalties.
Mitigation Recommendations
European organizations should implement the following mitigations:
1) Inventory every PowerProtect Data Domain appliance (including Data Domain Virtual Edition instances) and record the DD OS build on each; on the appliance CLI, `system show version` reports it. Treat every build from 7.7.1.0 through 8.3.0.15 as affected unless Dell's security advisory for this CVE lists that build as remediated.
2) Upgrade to the remediated DD OS builds named in Dell's security advisory for CVE-2025-43890 for each release line you run; the feature-release and LTS lines are fixed in separate builds, so do not assume an LTS line is unaffected because its version number is lower than 8.3.0.15. If an upgrade window is not immediately available, engage Dell support for interim guidance.
3) Reduce the number of accounts that can reach the vulnerable code path: review `user show list`, remove stale accounts, and restrict the DD OS `admin` role to the few people who need it, preferring lower-privileged roles such as limited-admin where they suffice.
4) Restrict administrative reachability: use `adminaccess show` to confirm that only the management protocols you actually use (typically SSH and HTTPS) are enabled, place management interfaces on a dedicated, firewalled management network, and require strong, unique credentials and, where your identity provider supports it for appliance logins, multi-factor authentication.
5) Forward DD OS logs to a central SIEM (DD OS supports remote syslog destinations via `log host add`) and alert on administrative logins at unusual times or from unusual sources and on anomalous activity by privileged accounts. DD OS is a closed appliance, so host-based intrusion detection agents cannot be installed on it; log forwarding and network monitoring are the available detection points.
6) Segment backup infrastructure from general user networks so that a compromised workstation cannot reach the appliance's management interfaces.
7) Train administrators in the handling of privileged credentials, and administer the appliances from a privileged access workstation or jump host so that credentials are not exposed on general-purpose endpoints.
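Steps 1 and 2 above reduce to a version-range check across an inventory, which is easy to get wrong when versions are compared as strings. The script below is an added example for this advisory, not Dell tooling. The affected range 7.7.1.0 through 8.3.0.15 comes from the advisory text; the remediated builds are deliberately not hard-coded, because they must be copied from Dell's security advisory for the CVE, so the caller supplies them in `fixed_builds` (a hypothetical input, empty here). The inventory lines are constructed, and the exact output format of `system show version` is assumed; the parser only looks for a four-part dotted version.

```python
"""Inventory triage for the CVE-2025-43890 affected range.

Added example for this advisory, not Dell tooling. The affected range
7.7.1.0 through 8.3.0.15 is taken from the advisory text; the fixed builds
are NOT encoded here because they must come from Dell's security advisory
for the CVE, so the caller passes them in. Sample inventory lines are
constructed and the `system show version` output format is assumed.
"""
from __future__ import annotations

import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int, int]

AFFECTED_MIN: Version = (7, 7, 1, 0)
AFFECTED_MAX: Version = (8, 3, 0, 15)

# Four dotted integers anywhere in the text, e.g. "7.10.1.40" in
# "Data Domain OS 7.10.1.40-1234567" (format assumed).
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_ddos_version(text: str) -> Optional[Version]:
    """Extract the DD OS version as an integer tuple, or None if absent."""
    m = _VERSION_RE.search(text)
    return tuple(int(x) for x in m.groups()) if m else None


def is_in_affected_range(v: Version) -> bool:
    """Integer-tuple comparison; a plain string comparison gets this wrong
    ("7.10.1.40" < "7.7.1.0" is True lexicographically)."""
    return AFFECTED_MIN <= v <= AFFECTED_MAX


def assess(version_text: str, fixed_builds: Dict[Tuple[int, int], Version]) -> str:
    """Classify one appliance from its version output.

    fixed_builds maps a release line (major, minor) to the first remediated
    build on that line, copied by the operator from Dell's advisory. With an
    empty mapping every in-range build is reported as affected, which is the
    safe default until the operator fills it in.
    """
    v = parse_ddos_version(version_text)
    if v is None:
        return "unknown"          # could not parse; check the host by hand
    if not is_in_affected_range(v):
        return "outside-range"    # not in the stated range; confirm in the DSA
    fixed = fixed_builds.get(v[:2])
    if fixed is not None and v >= fixed:
        return "patched"
    return "affected"


def triage_inventory(records: List[Tuple[str, str]],
                     fixed_builds: Dict[Tuple[int, int], Version]) -> Dict[str, str]:
    """Map each hostname to its status."""
    return {host: assess(text, fixed_builds) for host, text in records}


# Constructed sample inventory (hostnames and version strings are made up).
SAMPLE_INVENTORY = [
    ("dd-fra-01", "Data Domain OS 7.10.1.40-1234567"),
    ("dd-ams-02", "Data Domain OS 8.3.0.15-2345678"),
    ("dd-lon-03", "Data Domain OS 8.3.1.0-3456789"),
    ("dd-par-04", "Data Domain OS 7.7.0.20-4567890"),
    ("dd-mil-05", "unreachable: ssh timeout"),
]

if __name__ == "__main__":
    for host, status in sorted(triage_inventory(SAMPLE_INVENTORY, {}).items()):
        print(f"{host:10} {status}")
```

"outside-range" is intentionally not reported as "safe": a build newer than 8.3.0.15 or older than 7.7.1.0 is outside what the advisory text states, and the Dell advisory is the authority on whether it is remediated or simply out of support.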
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain, Sweden, Belgium, Poland, Switzerland
Technical Details
- Data Version: 5.1
- Assigner Short Name: dell
- Date Reserved: 2025-04-18T05:05:05.741Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68e55537a677756fc99a7728
Added to database: 10/7/2025, 6:00:23 PM
Last enriched: 10/15/2025, 1:12:21 AM
Last updated: 11/20/2025, 8:58:54 AM