CVE-2026-46466 in PowerProtect Data Domain
Summary
by MITRE • 07/03/2026
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of less trusted source vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to information tampering.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 07/04/2026
The Dell PowerProtect Data Domain systems present a critical security weakness classified as a use of less trusted source vulnerability that affects multiple release versions across different support lifecycles. This vulnerability resides within the system's trust model implementation where it relies on unverified or insufficiently validated data sources during processing operations. The flaw allows for potential information tampering when exploited by attackers who possess high privileged remote access capabilities, creating a significant risk to data integrity and system security posture.
The technical nature of this vulnerability stems from inadequate validation mechanisms that fail to properly authenticate or verify the trustworthiness of input sources within the Data Domain's operational framework. When legitimate administrative users with elevated privileges establish remote connections to the system, they may inadvertently expose the platform to exploitation opportunities where malicious actors could manipulate data flows through trusted source assumptions. This weakness operates at the intersection of authentication and authorization controls, where the system's trust model does not adequately distinguish between legitimate and potentially compromised data sources during critical processing phases.
The operational impact of this vulnerability extends beyond simple data integrity concerns to encompass broader security implications for organizations relying on Dell PowerProtect Data Domain systems for backup and archival operations. Attackers exploiting this weakness could potentially modify backup data, alter system configurations, or manipulate recovery processes without detection, leading to cascading effects that compromise the entire backup infrastructure. The high privileged access requirement suggests that the vulnerability may be more difficult to exploit from external positions but remains dangerous when combined with other attack vectors or insider threats.
Security professionals should recognize this vulnerability as aligned with CWE-20 (Improper Input Validation) and potentially related to CWE-345 (Insufficient Verification of Data Authenticity) within the Common Weakness Enumeration framework. The ATT&CK framework categorizes this issue under T1566 (Phishing) and T1078 (Valid Accounts) as attackers may need to establish legitimate access before exploiting the trust source weakness, while also potentially mapping to T1499 (Endpoint Tampering) due to the information tampering capabilities. Organizations should implement immediate mitigations including enhanced monitoring of administrative access patterns, implementation of additional data validation layers, and consideration of network segmentation strategies to limit potential exploitation scope.
The affected versions span multiple support lifecycle releases including LTS2026 through LTS2024, indicating this represents a long-standing issue that has persisted across several system updates and maintenance cycles. This extended timeframe suggests either inadequate patching processes or fundamental design flaws in the trust model implementation that require comprehensive remediation strategies rather than simple point fixes. Organizations should prioritize upgrading to supported versions that address this vulnerability while implementing additional security controls such as intrusion detection systems, access logging, and regular security assessments to detect potential exploitation attempts before they result in successful information tampering incidents.