OS Command Injection Vulnerability in Dell PowerProtect Data Domain
CVE-2026-49813

6.7MEDIUM

Key Information:

Vendor

Dell

Vendor
CVE Published:
3 July 2026

What is CVE-2026-49813?

An OS command injection vulnerability has been identified in Dell PowerProtect Data Domain, which affects several versions across multiple releases. This flaw allows a high privileged attacker with local access to execute arbitrary commands, potentially compromising the integrity of the system. Users are urged to review their systems and apply necessary security updates to mitigate this risk.

Affected Version(s)

PowerProtect Data Domain 0 < 8.8.0.0 or later

PowerProtect Data Domain 0 < 8.6.1.20 or later

PowerProtect Data Domain 0 < 8.3.1.40 or later

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.