Cyber Posture

CVE-2026-23853

High

Published: 17 April 2026

Published
17 April 2026
Modified
08 May 2026
KEV Added
Patch
CVSS Score 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0001 1.5th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-23853 is a high-severity Use of Weak Credentials (CWE-1391) vulnerability in Dell Data Domain Operating System. Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Local Accounts (T1078.003); ranked at the 1.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and PE-3 (Physical Access Control).

Threat & Defense at a Glance

What attackers do: exploitation maps to Local Accounts (T1078.003) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

IA-5 Authenticator Management good match
prevent

Directly requires management of authenticators to ensure they are strong, unique, and not default or weak, preventing exploitation of this weak credentials vulnerability.

PE-3 Physical Access Control good match
prevent

Enforces physical access controls to systems, blocking unauthenticated local attackers from reaching and exploiting weak credentials at console or local interfaces.

SI-2 Flaw Remediation good match
prevent

Mandates timely flaw remediation including patching as provided in Dell's DSA-2026-060 advisory, directly addressing this specific weak credentials vulnerability.

MITRE ATT&CK Enterprise TechniquesAI

T1078.003 Local Accounts Stealth
Adversaries may obtain and abuse credentials of a local account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
attack.mitre.org →
T1110.001 Password Guessing Credential Access
Adversaries with no prior knowledge of legitimate credentials within the system or environment may guess passwords to attempt access to accounts.
attack.mitre.org →
Why these techniques?

Weak/default credentials vulnerability directly enables local brute-force or guessing attacks to obtain valid local accounts for unauthorized access.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker…

more

with local access could potentially exploit this vulnerability, leading to unauthorized access to the system.

Deeper analysisAI

CVE-2026-23853 is a use of weak credentials vulnerability (CWE-1391) in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS). It affects Feature Release versions 7.7.1.0 through 8.5, LTS2025 release versions 8.3.1.0 through 8.3.1.20, and LTS2024 release versions 7.13.1.0 through 7.13.1.50. The vulnerability carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-04-17.

An unauthenticated attacker with local access could potentially exploit this vulnerability to gain unauthorized access to the system. Exploitation requires low complexity and no user interaction, enabling high-impact compromise of confidentiality, integrity, and availability.

Dell security advisory DSA-2026-060 addresses this and other vulnerabilities in PowerProtect Data Domain, providing security updates for mitigation. Details on patches and remediation are available at https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities.

Details

CWE(s)
CWE-1391

Affected Products

dell
powerprotect dp series appliance
≤ 2.7.9
dell
data domain operating system
7.7.1.0 — 7.13.1.60 · 7.14.0.0 — 8.3.1.30 · 8.4.0.0 — 8.6.0.0

CVEs Like This One

CVE-2026-26944Same product: Dell Data Domain Operating System
CVE-2026-26354Same product: Dell Data Domain Operating System
CVE-2026-23774Same product: Dell Data Domain Operating System
CVE-2026-23776Same product: Dell Data Domain Operating System
CVE-2026-23778Same product: Dell Data Domain Operating System
CVE-2025-22475Same product: Dell Data Domain Operating System
CVE-2026-23775Same product: Dell Data Domain Operating System
CVE-2025-36568Same product: Dell Data Domain Operating System
CVE-2025-46645Same product: Dell Data Domain Operating System
CVE-2024-53295Same product: Dell Data Domain Operating System

References