CVE-2026-53483: CWE-287: Improper Authentication in Dell PowerProtect Data Domain
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 an improper authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. This is a critical severity vulnerability as it allows an attacker to take complete control of system; so Dell recommends customers to upgrade at the earliest opportunity.
AI Analysis
Technical Summary
Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7, including LTS2026 release 8.6.1.0 through 8.6.1.10, LTS2025 release 8.3.1.0 through 8.3.1.30, and LTS2024 release 7.13.1.0 through 7.13.1.70, contain an improper authentication vulnerability (CWE-287). This vulnerability allows an unauthenticated remote attacker to potentially gain unauthorized access, leading to complete system compromise. The CVSS v3.1 base score is 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality, integrity, and availability. No vendor advisory or patch information is currently available.
Potential Impact
Successful exploitation allows an unauthenticated remote attacker to bypass authentication controls, resulting in unauthorized access with full control over the affected Dell PowerProtect Data Domain system. This can lead to complete compromise of confidentiality, integrity, and availability of the system and its data.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Dell recommends customers upgrade affected systems at the earliest opportunity once a fix is available. Until then, restrict remote access to affected systems where possible to reduce exposure.
CVE-2026-53483: CWE-287: Improper Authentication in Dell PowerProtect Data Domain
Description
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 an improper authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. This is a critical severity vulnerability as it allows an attacker to take complete control of system; so Dell recommends customers to upgrade at the earliest opportunity.
CVSS v3.1
Score 9.8critical
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7, including LTS2026 release 8.6.1.0 through 8.6.1.10, LTS2025 release 8.3.1.0 through 8.3.1.30, and LTS2024 release 7.13.1.0 through 7.13.1.70, contain an improper authentication vulnerability (CWE-287). This vulnerability allows an unauthenticated remote attacker to potentially gain unauthorized access, leading to complete system compromise. The CVSS v3.1 base score is 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality, integrity, and availability. No vendor advisory or patch information is currently available.
Potential Impact
Successful exploitation allows an unauthenticated remote attacker to bypass authentication controls, resulting in unauthorized access with full control over the affected Dell PowerProtect Data Domain system. This can lead to complete compromise of confidentiality, integrity, and availability of the system and its data.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Dell recommends customers upgrade affected systems at the earliest opportunity once a fix is available. Until then, restrict remote access to affected systems where possible to reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- dell
- Date Reserved
- 2026-06-09T17:04:35.250Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a4cfbe1c9d9e3dbe32fc637
Added to database: 07/07/2026, 13:15:13 UTC
Last enriched: 07/07/2026, 13:28:15 UTC
Last updated: 07/07/2026, 14:03:49 UTC
Views: 17
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.