{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/data-domain/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":8.4,"id":"CVE-2026-23853"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2026-23853","dell","powerprotect","data domain","weak credentials"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eDell PowerProtect Data Domain is affected by a vulnerability (CVE-2026-23853) stemming from the use of weak credentials in Data Domain Operating System (DD OS). This issue impacts Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, and LTS2024 release versions 7.13.1.0 through 7.13.1.50. An unauthenticated, local attacker could exploit this vulnerability to gain unauthorized access to the system. Exploitation does not require network access, but rather relies on the presence of weak default or easily guessable credentials within the affected DD OS versions. This vulnerability poses a significant risk to the confidentiality, integrity, and availability of data stored on the affected systems.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains local access to a Dell PowerProtect Data Domain system running a vulnerable DD OS version (7.7.1.0-8.5, 8.3.1.0-8.3.1.20, or 7.13.1.0-7.13.1.50).\u003c/li\u003e\n\u003cli\u003eThe attacker attempts to authenticate using default or weak credentials.\u003c/li\u003e\n\u003cli\u003eUpon successful authentication with weak credentials, the attacker gains unauthorized access to the DD OS.\u003c/li\u003e\n\u003cli\u003eThe attacker escalates privileges within the DD OS using commands available through the compromised account.\u003c/li\u003e\n\u003cli\u003eThe attacker gains access to sensitive data, including backup configurations, data encryption keys, or stored data backups.\u003c/li\u003e\n\u003cli\u003eThe attacker exfiltrates sensitive data from the Data Domain system to a remote location.\u003c/li\u003e\n\u003cli\u003eThe attacker modifies backup configurations to disrupt or prevent future backups.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-23853 allows an attacker with local access to gain unauthorized access to Dell PowerProtect Data Domain systems. This can lead to the compromise of sensitive data stored within the backups, including customer data, financial records, and intellectual property. The impact ranges from data breaches and financial losses to reputational damage and disruption of business operations. The affected systems are primarily used in enterprise environments, so a successful attack may impact hundreds of organizations.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the security update provided by Dell as described in DSA-2026-060 to remediate the weak credentials vulnerability detailed in CVE-2026-23853. The advisory URL is available in the references section.\u003c/li\u003e\n\u003cli\u003eReview and enforce strong password policies for all accounts on Dell PowerProtect Data Domain systems.\u003c/li\u003e\n\u003cli\u003eMonitor authentication logs for the use of default credentials and failed login attempts on the affected systems.\u003c/li\u003e\n\u003cli\u003eRestrict local access to Dell PowerProtect Data Domain systems to authorized personnel only.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-17T08:16:16Z","date_published":"2026-04-17T08:16:16Z","id":"/briefs/2026-04-dell-powerprotect-weak-creds/","summary":"Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions 7.7.1.0 through 8.5, 8.3.1.0 through 8.3.1.20, and 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability (CVE-2026-23853) that can lead to unauthorized access by a local attacker.","title":"Dell PowerProtect Data Domain Weak Credentials Vulnerability (CVE-2026-23853)","url":"https://feed.craftedsignal.io/briefs/2026-04-dell-powerprotect-weak-creds/"}],"language":"en","title":"CraftedSignal Threat Feed — Data Domain","version":"https://jsonfeed.org/version/1.1"}