CVE-2026-46464 in PowerProtect Data Domaininfo

Summary

by MITRE • 07/03/2026

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access ('Link following') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 07/04/2026

This vulnerability resides within Dell PowerProtect Data Domain systems running specific software versions, representing a critical weakness in the system's file access controls and path resolution mechanisms. The improper link resolution before file access flaw allows an attacker to manipulate symbolic links or hard links in ways that bypass normal access controls, creating potential pathways for unauthorized data access. The vulnerability specifically affects systems operating within the 7.7.1.0 through 8.7 release range, along with LTS2026 versions 8.6.1.0 through 8.6.1.10 and LTS2025 versions 8.3.1.0 through 8.3.1.30, highlighting the widespread nature of this security gap across multiple supported release lines.

The technical implementation of this vulnerability stems from inadequate validation of file paths during access operations, particularly when symbolic links are encountered in the file system hierarchy. When a high privileged attacker gains remote access to the system, they can exploit this weakness by creating or manipulating symbolic links that point to sensitive system files or directories outside the intended access scope. This misconfiguration allows the system to follow these links without proper validation of the target location, potentially exposing confidential data or system resources that should remain protected. The vulnerability is classified under CWE-59, which specifically addresses improper link resolution before file access, making it a well-documented weakness in file system security implementations.

Operationally, this vulnerability poses significant risks to organizations relying on Dell PowerProtect Data Domain systems for backup and archive operations. A successful exploitation could result in the disclosure of sensitive backup data, system configuration files, or administrative credentials stored within the protected environment. The impact extends beyond simple information disclosure as attackers might gain insights into system architecture, file structures, and potentially escalate privileges to access additional resources within the network. Given that these systems typically contain critical business data and are often integrated with enterprise backup infrastructures, the compromise of such systems could lead to extended operational disruption and potential compliance violations.

Mitigation strategies should focus on immediate software updates to patched versions where available, as Dell has likely released security updates addressing this specific vulnerability. Organizations must implement strict access controls limiting remote administrative access to these systems, utilizing network segmentation and firewall rules to restrict exposure. Regular security audits of symbolic link configurations within the PowerProtect Data Domain environment are essential to identify and remediate potential link manipulation opportunities. Additionally, monitoring for unusual file access patterns or link creation activities should be implemented as part of the overall security operations center procedures. The ATT&CK framework categorizes this vulnerability under privilege escalation and credential access techniques, making it particularly concerning for organizations following comprehensive threat modeling approaches that consider both internal and external attack vectors.

Responsible

Dell

Reservation

05/14/2026

Disclosure

07/03/2026

Moderation

accepted

CPE

ready

EPSS

0.00422

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!