CVE-2026-56086

Dell · PowerProtect Data Domain

Dell PowerProtect Data Domain is affected by an incorrect authorization vulnerability that may allow authenticated users to perform unauthorized actions.

Executive summary

An incorrect authorization vulnerability in Dell PowerProtect Data Domain allows an authenticated user to perform unauthorized actions, potentially leading to full system compromise.

Vulnerability

The software contains an incorrect authorization flaw (CWE-863). An authenticated attacker with low-level privileges can leverage this vulnerability to gain unauthorized access or execute functions beyond their assigned permissions.

Business impact

This vulnerability impacts the authorization model of critical data protection infrastructure. An attacker who has achieved low-level access can escalate their privileges, potentially leading to the unauthorized modification or deletion of backup data. With a CVSS score of 8.8, this vulnerability represents a severe threat to data availability and integrity.

Remediation

Immediate Action: Apply the vendor-provided security updates to reach the target versions: 7.13.1.80, 8.3.1.40, 8.6.1.20, or 8.7.0.0.

Proactive Monitoring: Audit user activity logs, specifically looking for administrative actions performed by accounts that lack the required privileges.

Compensating Controls: Restrict management access to the PowerProtect Data Domain interface to a trusted, isolated management network to reduce the attack surface.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Because this vulnerability allows for unauthorized actions on critical backup infrastructure, it is imperative to prioritize the patch installation. Administrators must verify their current firmware version against the Dell security advisory and apply the necessary updates to maintain the integrity of their data protection environment.