CVE-2026-35154
CVE-2026-35154
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.3EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
20 Apr 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability.
A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation.
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Affected products
Dell · PowerProtect Data Domain appliances