CVE-2026-23775
Published: 17 April 2026
Summary
CVE-2026-23775 is a high-severity Insertion of Sensitive Information into Log File (CWE-532) vulnerability in Dell Data Domain Operating System. Its CVSS base score is 7.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Credentials In Files (T1552.001); ranked at the 5.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AU-13 (Monitoring for Information Disclosure) and AU-9 (Protection of Audit Information).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-2 Flaw Remediation directly addresses the root cause by requiring timely application of vendor patches like Dell's DSA-2026-060 to fix the sensitive information logging vulnerability.
AU-9 Protection of Audit Information prevents low-privileged attackers from accessing log files containing exposed credentials by enforcing unauthorized access restrictions.
AU-13 Monitoring for Information Disclosure specifically monitors audit logs for unauthorized sensitive credential exposures triggered by this insertion vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability directly causes credentials to be written to log files, enabling access to unsecured credentials stored in files.
NVD Description
Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with…
more
remote access could potentially exploit this vulnerability, leading to credential exposures. Authentication attempts as the compromised user would need to be authorized by a high privileged DD user. This vulnerability only affects systems with retention lock enabled.
Deeper analysisAI
CVE-2026-23775 is an insertion of sensitive information into log file vulnerability (CWE-532) affecting Dell PowerProtect Data Domain appliances running Data Domain Operating System (DD OS) Feature Release versions 8.0 through 8.5 and LTS2025 release versions 8.3.1.0 through 8.3.1.10. The issue enables the logging of sensitive credentials, with a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H). This vulnerability is present only on systems with retention lock enabled.
A low-privileged attacker with remote access could exploit this vulnerability by triggering conditions that insert sensitive information into log files, potentially leading to credential exposures. Exploitation requires user interaction and is further constrained: authentication attempts using the compromised credentials must be authorized by a high-privileged DD user.
Dell Security Advisory DSA-2026-060 addresses this and other vulnerabilities in PowerProtect Data Domain, providing a security update for affected versions. Security practitioners should consult the advisory at https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities for patch details and mitigation guidance.
Details
- CWE(s)