Use of Externally-Controlled Format String Vulnerability in Dell PowerProtect Data Domain
CVE-2026-46465
5.5MEDIUM
What is CVE-2026-46465?
The vulnerability affects multiple versions of Dell PowerProtect Data Domain, where the software allows for the use of externally-controlled format strings. This could enable a high-privileged attacker to exploit the system remotely, potentially leading to critical risks such as information disclosure and denial of service. Users of affected versions should act promptly to mitigate the associated risks by applying security updates provided by Dell.
Affected Version(s)
PowerProtect Data Domain 0 < 8.8.0.0 or later
PowerProtect Data Domain 0 < 8.6.1.20 or later
PowerProtect Data Domain 0 < 8.3.1.40 or later