Cyber Resilience

CVE-2026-24505

High

Published: 20 April 2026

Published
20 April 2026
Modified
20 April 2026
KEV Added
Patch
CVSS Score v3.1 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0013 31.7th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-24505 is a high-severity Improper Input Validation (CWE-20) vulnerability in Dell PowerProtect Data (inferred from references). Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 31.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-24505 is an improper input validation vulnerability (CWE-20) in Dell PowerProtect Data Domain, affecting versions 8.5 through 8.6. Published on 2026-04-20T17:16:31.920, it carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts.

A high-privileged attacker with remote access can exploit this vulnerability to execute arbitrary commands with root privileges on the affected system. The attack requires high privileges (PR:H) but low complexity (AC:L), no user interaction (UI:N), and is feasible over the network (AV:N) without scope changes (S:U).

Dell Security Advisory DSA-2026-060 provides details on mitigation, including a security update addressing this and multiple other vulnerabilities in PowerProtect Data Domain; practitioners should consult https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities for patch deployment instructions.

EU & UK References

Vulnerability details

Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

Remote network-accessible improper input validation directly enables arbitrary command execution as root on a public-facing appliance (T1190), with the high-privileged starting context and root outcome mapping to exploitation for privilege escalation (T1068) and Unix shell command execution (T1059.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-1098Shared CWE-20
CVE-2026-24504Shared CWE-20
CVE-2026-2750Shared CWE-20
CVE-2025-59886Shared CWE-20
CVE-2024-56133Shared CWE-20
CVE-2026-32604Shared CWE-20
CVE-2025-66259Shared CWE-20
CVE-2025-27493Shared CWE-20
CVE-2026-34980Shared CWE-20
CVE-2025-30452Shared CWE-20

Affected Assets

Dell
PowerProtect Data
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mandates information input validation at defined points, addressing the core improper input validation (CWE-20) that enables arbitrary root command execution in this CVE.

prevent

Requires timely identification, reporting, and remediation of flaws like CVE-2026-24505 via patching as detailed in Dell Security Advisory DSA-2026-060.

prevent

Enforces least privilege to minimize high-privilege (PR:H) accounts with remote access capable of exploiting this vulnerability for root command execution.

References