CVE-2026-24504

High

Published: 20 April 2026

Published

20 April 2026

Modified

20 April 2026

KEV Added

—

Patch

—

CVSS Score 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0014 32.9th percentile

Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-24504 is a high-severity Improper Input Validation (CWE-20) vulnerability in Dell PowerProtect Data (inferred from references). Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 32.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Remediating the specific flaw through application of Dell's security update directly eliminates the improper input validation vulnerability and prevents arbitrary root command execution.

SI-10 Information Input Validation good match

prevent

Enforces validation of information inputs at external interfaces, directly countering the CWE-20 improper input validation exploited for command injection.

AC-6 Least Privilege partial match

prevent

Limits high-privileged remote accounts to the least privileges necessary, reducing the attack surface for exploitation requiring PR:H access.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

T1059.004 Unix Shell Execution

Adversaries may abuse Unix shell commands and scripts for execution.

attack.mitre.org →

Why these techniques?

Remote improper input validation enables arbitrary root command execution on a public-facing appliance (T1190), directly facilitating privilege escalation (T1068) via Unix shell commands (T1059.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to…

arbitrary command execution with root privileges.

Deeper analysisAI

CVE-2026-24504 is an improper input validation vulnerability (CWE-20) affecting Dell PowerProtect Data Domain storage appliances. The issue impacts versions 7.7.1.0 through 8.6, LTS2025 release versions 8.3.1.0 through 8.3.1.20, and LTS2024 release versions 7.13.1.0 through 7.13.1.60. Published on 2026-04-20, it carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts.

A high-privileged attacker with remote network access can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables arbitrary command execution with root privileges on the affected system.

Dell Security Advisory DSA-2026-060 provides details on mitigation, including a security update addressing this and multiple other vulnerabilities in PowerProtect Data Domain: https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities.