CVE-2025-36568
Published: 17 April 2026
Summary
CVE-2025-36568 is a high-severity Insufficiently Protected Credentials (CWE-522) vulnerability in Dell Data Domain Operating System. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Credentials In Files (T1552.001); ranked at the 0.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-28 (Protection of Information at Rest).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Flaw remediation directly mitigates CVE-2025-36568 by requiring timely application of Dell's security update to fix the insufficiently protected credentials in PowerProtect Data Domain BoostFS.
Authenticator management mandates protecting credential content from unauthorized disclosure, preventing low-privileged local attackers from exploiting exposed credentials in BoostFS.
Protection of information at rest ensures cryptographic or access control mechanisms safeguard stored credentials from unauthorized access by local low-privileged users.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability directly exposes stored credentials (T1552.001) on a local system, enabling subsequent privilege escalation via valid account abuse (T1068).
NVD Description
Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an insufficiently protected credentials vulnerability. A low privileged attacker with local access could…
more
potentially exploit this vulnerability, leading to credential exposure. The attacker may be able to use the exposed credentials to access the system with privileges of the compromised account.
Deeper analysisAI
CVE-2025-36568 is an insufficiently protected credentials vulnerability (CWE-522) affecting Dell PowerProtect Data Domain BoostFS for client. The issue impacts Feature Release versions 7.7.1.0 through 8.5, LTS2025 release versions 8.3.1.0 through 8.3.1.20, and LTS2024 release versions 7.13.1.0 through 7.13.1.50. It has a CVSS v3.1 base score of 7.8 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts with a changed scope.
A low-privileged attacker with local access could exploit this vulnerability to expose stored credentials. The attacker could then leverage the exposed credentials to access the system with the privileges of the compromised account, potentially leading to unauthorized privilege escalation.
Dell has published security advisory DSA-2026-060 detailing a security update for multiple vulnerabilities in PowerProtect Data Domain, including CVE-2025-36568. Practitioners should review the advisory at https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities for patch availability and recommended mitigations.
Details
- CWE(s)