CVE-2025-46643

LOW2.3

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7

Published Jan 9, 2026

Modified 1 weeks ago

No fix available

Details

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain a Heap-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

References

ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2025-46643 ADVISORYhttps://www.dell.com/support/kbdoc/en-us/000405813/dsa-2025-415-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities

CVSS Analysis

CVSS v3.1

2.3

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

HighPR:H

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

LowA:L

2.3/CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Weakness Type (CWE)

Other

CWE-122

Ecosystems

Timeline

PublishedJan 9, 2026

ModifiedJan 9, 2026