CVE-2024-53295
Published: 01 February 2025
Summary
CVE-2024-53295 is a high-severity Insufficient Granularity of Access Control (CWE-1220) vulnerability in Dell Data Domain Operating System. Its CVSS base score is 7.8 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked at the 25.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): directly enforces approved authorizations for access to system resources, mitigating the improper access control that enables low-privilege users to escalate privileges.
- AC-6 (Least Privilege): restricts low-privilege users from accessing or manipulating the resources needed for privilege escalation.
- SI-2 (Flaw Remediation): requires timely identification, reporting, and correction of flaws such as this improper access control vulnerability through vendor-recommended patching.
MITRE ATT&CK Enterprise Techniques
- Exploitation for Privilege Escalation (T1068)
Why these techniques?
Direct local privilege escalation via an improper access control flaw on the target system.
NVD Description
Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper access control vulnerability. A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege.
Deeper analysis
CVE-2024-53295 is an improper access control vulnerability affecting Dell PowerProtect DD systems in versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20. Published on February 1, 2025, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-1220 and NVD-CWE-Other. The flaw stems from inadequate access controls, allowing unauthorized manipulation of system resources.
A local malicious user with low privileges can exploit this vulnerability without user interaction. Successful exploitation enables escalation of privileges, potentially granting full administrative access and compromising confidentiality, integrity, and availability of the affected system.
Dell's security advisory DSA-2025-022, detailed at https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities, addresses this and other vulnerabilities in PowerProtect DD. Mitigation requires updating to Dell PowerProtect DD version 8.3.0.0 or later, 7.10.1.50 or later, or 7.13.1.20 or later, depending on the supported branch.
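The remediation above is branch-specific: a 7.10.x system is fixed only from 7.10.1.50, a 7.13.x system only from 7.13.1.20, and the 8.x line from 8.3.0.0, so a plain "is my version lower than X" check against a single number gives wrong answers. The following Python is an added example, not Dell's tooling or any script from the advisory, that classifies DD OS version strings against the three fixed releases named in the NVD description. It assumes versions are purely numeric dotted strings, treats anything at or above 8.3.0.0 (including any later major line) as fixed, and deliberately reports branches the advisory text does not name (for example 7.11.x or 7.12.x) as "unknown-branch" rather than guessing; the hostnames and versions in the sample inventory are constructed.

```python
"""Branch-aware fixed-version check for CVE-2024-53295 (Dell PowerProtect DD).

Added example, not Dell's code. Fixed releases are taken from the NVD text:
8.3.0.0, 7.10.1.50 and 7.13.1.20. Assumption: DD OS versions are dotted integers.
"""
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# Fixed release per supported branch, as stated in the NVD description.
FIXED_BY_BRANCH: Dict[Tuple[int, ...], Version] = {
    (7, 10): (7, 10, 1, 50),
    (7, 13): (7, 13, 1, 20),
    (8,): (8, 3, 0, 0),
}
# Anything older than every fixed release is "prior to" all of them.
EARLIEST_FIX: Version = min(FIXED_BY_BRANCH.values())  # (7, 10, 1, 50)


def parse_version(text: str) -> Version:
    """Parse a dotted version string such as '7.13.1.20' into a tuple of ints.

    Assumption (not from the advisory): components are purely numeric.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def fixed_version_for(version: Version) -> Optional[Version]:
    """Return the fixed release that applies to this version's branch.

    Returns None when the branch is not one the advisory text names.
    """
    if version[0] >= 8:
        # Assumption: the 8.x line (and anything newer) is fixed from 8.3.0.0.
        return FIXED_BY_BRANCH[(8,)]
    return FIXED_BY_BRANCH.get(version[:2])  # 7.10.x or 7.13.x


def assess(text: str) -> str:
    """Classify one DD OS version as 'affected', 'fixed' or 'unknown-branch'."""
    version = parse_version(text)
    fixed = fixed_version_for(version)
    if fixed is not None:
        # Tuple comparison handles short strings too: (7, 10, 1) < (7, 10, 1, 50).
        return "affected" if version < fixed else "fixed"
    if version < EARLIEST_FIX:
        return "affected"  # older than every fixed release, e.g. 7.7.x
    # e.g. 7.11.x or 7.12.x: the NVD text names no fix for this branch, so the
    # answer must come from the vendor advisory rather than a guess.
    return "unknown-branch"


def triage_inventory(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Group hostnames by assessment result, hostnames sorted within each bucket."""
    result: Dict[str, List[str]] = {"affected": [], "fixed": [], "unknown-branch": []}
    for host, version in sorted(inventory.items()):
        result[assess(version)].append(host)
    return result


# Constructed sample inventory: hostnames and versions are made up for illustration.
SAMPLE_INVENTORY: Dict[str, str] = {
    "dd-backup-01": "7.10.1.49",
    "dd-backup-02": "7.10.1.50",
    "dd-backup-03": "7.13.0.30",
    "dd-backup-04": "8.2.0.0",
    "dd-backup-05": "8.3.0.0",
    "dd-backup-06": "7.11.0.5",
}

if __name__ == "__main__":
    for bucket, hosts in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Feeding the real version strings from an asset inventory into `triage_inventory` gives a patch worklist; any host landing in "unknown-branch" should be resolved against DSA-2025-022 directly rather than assumed safe.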
Details
- CWE(s): CWE-1220 (Insufficient Granularity of Access Control), NVD-CWE-Other