Cyber Resilience

CVE-2026-23853

High

Published: 17 April 2026

Published
17 April 2026
Modified
08 May 2026
KEV Added
Patch
CVSS Score v3.1 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0016 5.3th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-23853 is a high-severity Use of Weak Credentials (CWE-1391) vulnerability in Dell Data Domain Operating System. Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Local Accounts (T1078.003); ranked at the 5.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and PE-3 (Physical Access Control).

Deeper analysis

CVE-2026-23853 is a use of weak credentials vulnerability (CWE-1391) in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS). It affects Feature Release versions 7.7.1.0 through 8.5, LTS2025 release versions 8.3.1.0 through 8.3.1.20, and LTS2024 release versions 7.13.1.0 through 7.13.1.50. The vulnerability carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-04-17.

An unauthenticated attacker with local access could potentially exploit this vulnerability to gain unauthorized access to the system. Exploitation requires low complexity and no user interaction, enabling high-impact compromise of confidentiality, integrity, and availability.

Dell security advisory DSA-2026-060 addresses this and other vulnerabilities in PowerProtect Data Domain, providing security updates for mitigation. Details on patches and remediation are available at https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker…

more

with local access could potentially exploit this vulnerability, leading to unauthorized access to the system.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1078.003 Local Accounts Stealth
Adversaries may obtain and abuse credentials of a local account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
T1110.001 Password Guessing Credential Access
Adversaries with no prior knowledge of legitimate credentials within the system or environment may guess passwords to attempt access to accounts.
Why these techniques?

Weak/default credentials vulnerability directly enables local brute-force or guessing attacks to obtain valid local accounts for unauthorized access.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-26354Same product: Dell Data Domain Operating System
CVE-2026-23776Same product: Dell Data Domain Operating System
CVE-2026-23774Same product: Dell Data Domain Operating System
CVE-2026-23778Same product: Dell Data Domain Operating System
CVE-2026-26944Same product: Dell Data Domain Operating System
CVE-2025-22475Same product: Dell Data Domain Operating System
CVE-2025-36568Same product: Dell Data Domain Operating System
CVE-2024-51534Same product: Dell Data Domain Operating System
CVE-2025-46645Same product: Dell Data Domain Operating System
CVE-2025-36594Same product: Dell Data Domain Operating System

Affected Assets

dell
powerprotect dp series appliance
≤ 2.7.9
dell
data domain operating system
7.7.1.0 — 7.13.1.60 · 7.14.0.0 — 8.3.1.30 · 8.4.0.0 — 8.6.0.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires management of authenticators to ensure they are strong, unique, and not default or weak, preventing exploitation of this weak credentials vulnerability.

prevent

Enforces physical access controls to systems, blocking unauthenticated local attackers from reaching and exploiting weak credentials at console or local interfaces.

prevent

Mandates timely flaw remediation including patching as provided in Dell's DSA-2026-060 advisory, directly addressing this specific weak credentials vulnerability.

References