CVE-2025-36594

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.3.0.15 Dell PowerProtect Data Domain versions 7.10.1.0 through 7.10.1.60 Dell PowerProtect Data Domain versions 7.13.1.0 through 7.13.1.25

Description Dell PowerProtect Data Domain contains an authentication bypass vulnerability that allows an unauthenticated attacker with remote access to bypass protection mechanisms. This could lead to the creation of accounts, potentially exposing customer information and affecting system integrity and availability.

Recommendations For versions 7.7.1.0 through 8.3.0.15, update to a newer version. For versions 7.10.1.0 through 7.10.1.60, update to a newer version. For versions 7.13.1.0 through 7.13.1.25, update to a newer version.

Fix

Authentication Bypass by Spoofing

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-290

Related Identifiers

BDU:2025-09422

CVE-2025-36594

Affected Products

Dell Powerprotect Data Domain

CVE-2025-36594

Weakness Enumeration

Related Identifiers

Affected Products

References · 10