CVE-2026-24505

High

Published: 20 April 2026

Published

20 April 2026

Modified

20 April 2026

KEV Added

—

Patch

—

CVSS Score 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0014 32.9th percentile

Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-24505 is a high-severity Improper Input Validation (CWE-20) vulnerability in Dell PowerProtect Data (inferred from references). Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 32.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly mandates information input validation at defined points, addressing the core improper input validation (CWE-20) that enables arbitrary root command execution in this CVE.

SI-2 Flaw Remediation good match

prevent

Requires timely identification, reporting, and remediation of flaws like CVE-2026-24505 via patching as detailed in Dell Security Advisory DSA-2026-060.

AC-6 Least Privilege partial match

prevent

Enforces least privilege to minimize high-privilege (PR:H) accounts with remote access capable of exploiting this vulnerability for root command execution.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

T1059.004 Unix Shell Execution

Adversaries may abuse Unix shell commands and scripts for execution.

attack.mitre.org →

Why these techniques?

Remote network-accessible improper input validation directly enables arbitrary command execution as root on a public-facing appliance (T1190), with the high-privileged starting context and root outcome mapping to exploitation for privilege escalation (T1068) and Unix shell command execution (T1059.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.

Deeper analysisAI

CVE-2026-24505 is an improper input validation vulnerability (CWE-20) in Dell PowerProtect Data Domain, affecting versions 8.5 through 8.6. Published on 2026-04-20T17:16:31.920, it carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts.

A high-privileged attacker with remote access can exploit this vulnerability to execute arbitrary commands with root privileges on the affected system. The attack requires high privileges (PR:H) but low complexity (AC:L), no user interaction (UI:N), and is feasible over the network (AV:N) without scope changes (S:U).

Dell Security Advisory DSA-2026-060 provides details on mitigation, including a security update addressing this and multiple other vulnerabilities in PowerProtect Data Domain; practitioners should consult https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities for patch deployment instructions.