Security Advisory

CVE-2025-43906

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-07 18:02:09

Last updated 2026-02-26 17:48:13

Assigner dell

State PUBLISHED

Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

← Browse all CVEs View on cve.org ↗