CVE-2025-46644: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) Feature Release
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, and LTS2023 release versions 7.10.1.0 through 7.10.1.70 contains an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high-privileged attacker with local access could potentially exploit this vulnerability, leading to command execution.
AI Analysis
Technical Summary
CVE-2025-46644 is classified as CWE-78, an OS command injection vulnerability in Dell PowerProtect Data Domain with Data Domain Operating System (DD OS). Affected releases are Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, and LTS2023 release versions 7.10.1.0 through 7.10.1.70. The vulnerability arises from improper neutralization of special elements used in OS commands, allowing a high-privileged attacker with local access to inject and execute arbitrary OS commands. This flaw can lead to unauthorized command execution, potentially compromising system integrity and availability. Exploitation does not require user interaction but does require elevated privileges and local system access, which limits remote exploitation. The CVSS 3.1 score is 6.0 (medium severity), reflecting the moderate ease of exploitation and significant impact on system integrity and availability, but no impact on confidentiality. No patches are currently linked, and no known exploits have been reported in the wild, indicating that the vulnerability is newly disclosed or not yet weaponized. The vulnerability affects enterprise storage environments relying on Dell PowerProtect Data Domain systems, which are widely used for backup and data protection in large organizations.
Potential Impact
The primary impact of CVE-2025-46644 is on the integrity and availability of affected Dell PowerProtect Data Domain systems. Successful exploitation allows a high-privileged local attacker to execute arbitrary OS commands, which could lead to unauthorized modification or deletion of backup data, disruption of backup services, or complete system compromise. This can severely affect organizations' data protection capabilities, potentially resulting in data loss or downtime. Since the vulnerability requires local high privileges, the risk is mitigated somewhat by access controls, but insider threats or attackers who have already gained elevated access could leverage this flaw to escalate control or disrupt operations. Enterprises relying on these systems for critical backup and disaster recovery functions may face operational and compliance risks if exploited. The lack of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits post-disclosure.
Mitigation Recommendations
Organizations should implement strict access controls to limit local administrative access to Dell PowerProtect Data Domain systems, ensuring only trusted personnel have high privileges. Monitoring and auditing local access and command execution on these systems can help detect suspicious activity. Dell should be contacted for official patches or updates addressing this vulnerability; organizations must apply these patches promptly once available. Until patches are released, consider isolating affected systems from untrusted networks and users, and employ host-based intrusion detection systems to monitor for anomalous command execution. Additionally, review and harden system configurations to minimize the attack surface, including disabling unnecessary services and enforcing the principle of least privilege. Regularly update and test backup and recovery procedures to mitigate potential impact from exploitation.
Affected Countries
United States, Germany, United Kingdom, France, Japan, Canada, Australia, Netherlands, South Korea, Singapore
Technical Details
- Data Version: 5.2
- Assigner Short Name: dell
- Date Reserved: 2025-04-26T05:03:53.130Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6961214ef9fa58d9727fd82c
Added to database: 1/9/2026, 3:39:58 PM
Last enriched: 2/27/2026, 7:26:14 AM
Last updated: 3/24/2026, 7:59:27 PM