Data Domain Operating System Dell Data Domain Operating System

  1. Vendors
  2. Dell
  3. Data Domain Operating System

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Dell Data Domain Operating System.

By the Year

In 2026 there have been 4 vulnerabilities in Dell Data Domain Operating System with an average score of 4.4 out of ten. Last year, in 2025 Data Domain Operating System had 23 security vulnerabilities published. Right now, Data Domain Operating System is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 1.56

Year Vulnerabilities Average Score
2026 4 4.38
2025 23 5.93
2024 11 6.22

It may take a day or so for new Data Domain Operating System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Dell Data Domain Operating System Security Vulnerabilities

Dell PowerProtect Data Domain OS Command Injection 7.7.1.0-8.4.0.0
CVE-2025-46645 6.5 - Medium - January 09, 2026

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

Shell injection

Dell PowerProtect Data Domain DD OS 7.7.1.0-8.4.0 Heap Buffer Overflow DoS
CVE-2025-46643 2.3 - Low - January 09, 2026

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain a Heap-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

Heap-based Buffer Overflow

Dell PowerProtect Data Domain DD OS 7.7.1.0-8.4.0.0 Sensitive Info Exposure
CVE-2025-46676 2.7 - Low - January 09, 2026

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

Information Disclosure

Dell PowerProtect Data Domain OS: OS Command Injection pre-8.5
CVE-2025-46644 6 - Medium - January 09, 2026

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS2023 release versions 7.10.1.0 through 7.10.1.70, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

Shell injection

Dell PowerProtect DD OS <7.7.1.0-8.1.0.10, 7.13.1.025, 7.10.1.050: Arg Injection for Local Priv Esca
CVE-2025-36565 6.7 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Argument Injection

Dell PowerProtect DataDomain OS Cmd Inject 7.7.1.0-8.1.0.10
CVE-2025-36566 6.7 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Shell injection

OS Command Injection in Dell PowerProtect DataDomain OS (7.78.1)
CVE-2025-36569 6.7 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Shell injection

OS Command Injection in Dell PowerProtect Data Domain 7.7.1.0-8.1.0.10 & 7.10-7.13
CVE-2025-36567 6.7 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Shell injection

Dell PowerProtect Data Domain DD OS <8.1 Unauth Auth Alg in RESTAPI
CVE-2025-43727 7.5 - High - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an incorrect Implementation of Authentication Algorithm vulnerability in the RestAPI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

Incorrect Implementation of Authentication Algorithm

Dell PowerProtect Data Domain DD OS Stack Buffer Overflow in DDSH CLI (DoS)
CVE-2025-43910 2.3 - Low - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

Stack Overflow

Dell PowerProtect Data Domain DD OS 7.7.1-8.3.1 Risky Crypto Alg. in DD
CVE-2025-43909 3.7 - Low - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DD boost. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

Use of a Broken or Risky Cryptographic Algorithm

Dell PowerProtect Data Domain 7.7.1.0-8.3.1.0 ARGINJ Vulnerability (DoS)
CVE-2025-43905 4.3 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

Argument Injection

Stack-Overflow in Dell PowerProtect Data Domain DD OS 7.7.1.0 - 8.3.1.0, DoS
CVE-2025-45375 4.4 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

Stack Overflow

Dell PowerProtect DD OS (8.3.1.0) Broken Crypto Vulnerability
CVE-2025-43913 5.3 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DDOS. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

Use of a Broken or Risky Cryptographic Algorithm

Dell PowerProtect Data Domain DD OS Heap Overflow before 8.3.1.0 leads to DoS
CVE-2025-43912 5.3 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

Heap-based Buffer Overflow

Dell PowerProtect Data Domain OS 7.7.1.0-8.3.1.0 Weak Crypto Auth CVE-2025-43891
CVE-2025-43891 5.3 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an use of a Broken or Risky Cryptographic Algorithm vulnerability in the Authentication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

Use of a Broken or Risky Cryptographic Algorithm

Dell PowerProtect: Path Traversal in UI, v7.78.4 Unauth Remote Exposure
CVE-2025-43889 5.3 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

Directory traversal

Dell PowerProtect Data Domain DD OS Path Traversal (Local) <8.3.0.15
CVE-2025-43934 6 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Unauthorized access.

Directory traversal

OS-CMD Inject in Dell PowerProtect Data Domain OS 7.7.1.0-8.3.15
CVE-2025-43908 6.4 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Shell injection

Dell PowerProtect Data Domain OS Path Traversal < 8.3.1.0
CVE-2025-43907 6.5 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Path Traversal: '.../...//' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

Path Traversal: '.../...//'

Dell PowerProtect Data Domain OS Command Injection in DD OS 7.7.1-8.3.1
CVE-2025-43911 6.7 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Shell injection

Dell PowerProtect Data Domain DD OS 7.7.1.0-8.3.1.0 OS Command Injection
CVE-2025-43906 6.7 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Shell injection

OS Command Injection in Dell PowerProtect DataDomain OS 7.78.3, LTS 2024
CVE-2025-43890 6.7 - Medium - October 07, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Shell injection

Dell PowerProtect DD Risky Crypto CVE-2025-22475 (8.3/7.10.1.50/7.13.1.10)
CVE-2025-22475 7.5 - High - February 04, 2025

Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote attacker could potentially exploit this vulnerability, leading to Information tampering.

Use of a Broken or Risky Cryptographic Algorithm

Dell PowerProtect DD <8.3.0.0 Improper Access Control (Privilege Escalation)
CVE-2024-53295 7.8 - High - February 01, 2025

Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper access control vulnerability. A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege.

Insufficient Granularity of Access Control

Dell PowerProtect DD <8.3 PT overwrite OS files
CVE-2024-51534 7.1 - High - February 01, 2025

Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low privileged could potentially exploit this vulnerability to gain unauthorized overwrite of OS files stored on the server filesystem. Exploitation could lead to denial of service.

Directory traversal

Dell PowerProtect DD RestAPI Buffer Overflow <7.10.1.50,7.13.1.20
CVE-2024-53296 4.9 - Medium - February 01, 2025

Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

Memory Corruption

Dell PowerProtect Privilege Escalation
CVE-2024-45759 7.3 - High - November 08, 2024

Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system.

Dell PowerProtect DD Access Control Bypass
CVE-2024-48010 7.2 - High - November 08, 2024

Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application.

Authorization

Dell PowerProtect DD 7.7 Info Leak - November 2024
CVE-2024-48011 6.5 - Medium - November 08, 2024

Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

Information Disclosure

Open-Redirect in Dell PowerProtect DD <8.0 (LTS 7.13.1.0, 7.10.1.30, 7.7.5.40)
CVE-2024-37141 3.5 - Low - June 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an open redirect vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.

Open Redirect

Dell PowerProtect DD <8.0 & LTS 7.x Rel Path Traversal
CVE-2024-37138 6.8 - Medium - June 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path traversal vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the application sending over an unauthorized file to the managed system.

Relative Path Traversal

Dell PowerProtect DD <=8.0 Improper Resource Lifetime (DoS)
CVE-2024-37139 6.5 - Medium - June 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an Improper Control of a Resource Through its Lifetime vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to temporary resource constraint of system application. Exploitation may lead to denial of service of the application.

Improper Control of a Resource Through its Lifetime

Dell PowerProtect DD 7.x LTS OS Command Injection (Pre-8.0)
CVE-2024-37140 8.8 - High - June 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an OS command injection vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the system application's underlying OS with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

Shell injection

SQLi in Dell Data Domain <7.13.0.0 LTS: Local LowPriv Attack
CVE-2024-29174 4.4 - Medium - June 26, 2024

Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL Injection vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized access to application data.

SQL Injection

Dell PowerProtect Data Domain weak crypto before 7.13.0.0 enabling MITM
CVE-2024-29175 5.9 - Medium - June 26, 2024

Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to man-in-the-middle attack that exposes sensitive session information.

Use of a Broken or Risky Cryptographic Algorithm

Out-of-bounds Write in Dell PowerProtect DD (7.7.5.408.0) Code Exec
CVE-2024-29176 8.8 - High - June 26, 2024

Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

Memory Corruption

Dell PowerProtect DD <=8.0 Temporary Sensitive Info Disclosure
CVE-2024-29177 2.7 - Low - June 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary sensitive information vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the reuse of disclosed information to gain unauthorized access to the application report.

Insertion of Sensitive Information into Log File

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Dell Data Domain Operating System or by Dell? Click the Watch button to subscribe.

Dell
Vendor

Dell Data Domain Operating System
Product

subscribe