CVE-2026-23774
Published: 20 April 2026
Summary
CVE-2026-23774 is a high-severity OS Command Injection (CWE-78) vulnerability in Dell Data Domain Operating System. Its CVSS base score is 7.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 28.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Flaw remediation directly addresses this CVE by applying Dell's security updates from DSA-2026-060 to patch the OS command injection vulnerability in affected DD OS versions.
Information input validation prevents OS command injection by checking and sanitizing remote inputs to DD OS management interfaces before processing.
Least privilege limits the scope of arbitrary command execution by ensuring high-privileged remote users only have necessary permissions on DD OS systems.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
OS command injection RCE on remote appliance directly enables T1190 (public-facing exploitation for initial access) and T1059.004 (Unix shell command execution).
NVD Description
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, contain an OS command injection vulnerability. A high privileged attacker…
more
with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.
Deeper analysisAI
CVE-2026-23774 is an OS command injection vulnerability (CWE-78) affecting Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS). The vulnerability impacts Feature Release versions 7.7.1.0 through 8.5, LTS2025 release versions 8.3.1.0 through 8.3.1.10, and LTS2024 release versions 7.13.1.0 through 7.13.1.40. It was published on 2026-04-20 with a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
A high-privileged attacker with remote network access can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables arbitrary command execution on the affected system, resulting in high impacts to confidentiality, integrity, and availability.
Dell security advisory DSA-2026-060 addresses this and other vulnerabilities in PowerProtect Data Domain, providing details on security updates. The advisory is available at https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities.
Details
- CWE(s)