CVE-2026-22769

Critical KEV CVSS: 10.0

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

Vendor

Dell

Product

Recoverpoint For Virtual Machines

CWE

CWE-798

Yayın Tarihi

2026-02-17 20:22:09

Güncelleme

2026-02-20 02:00:02

Source Identifier

security_alert@emc.com

KEV Date Added

2026-02-18

Kategoriler

CWE-798 Recoverpoint For Virtual Machines CRITICAL Dell 2026

Referanslar

https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079 https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-22769

Benzer Kayıtlar

High

CVE-2026-22767

Dell AppSync, version(s) 4.6.0, contain(s) an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged att…

High

CVE-2026-22768

Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low…

Medium

CVE-2026-27101

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Impro…

Medium

CVE-2026-28265

PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access cou…

Low

CVE-2026-24508

Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerabil…

Medium

CVE-2026-24510

Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerabilit…