Dell Recoverpoint Virtual Machines
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Dell Recoverpoint Virtual Machines.
By the Year
In 2026 there have been 1 vulnerability in Dell Recoverpoint Virtual Machines with an average score of 10.0 out of ten. Last year, in 2025 Recoverpoint Virtual Machines had 2 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Recoverpoint Virtual Machines in 2026 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2026 is greater by 2.20.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 10.00 |
| 2025 | 2 | 7.80 |
| 2024 | 9 | 8.48 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 6.70 |
It may take a day or so for new Recoverpoint Virtual Machines vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Dell Recoverpoint Virtual Machines Security Vulnerabilities
Dell RecoverPoint for VM <6.0.3.1 HF1 Hardcoded Credential Remote Exploit
CVE-2026-22769
10 - Critical
- February 17, 2026
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.
Use of Hard-coded Credentials
Dell Recover Point 6.0.X Weak FS Permissions Local Privilege (CVE-2025-21106)
CVE-2025-21106
- February 20, 2025
Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system.
Incorrect Default Permissions
Dell RecoverPoint 6.0.X Binary Command Execution Vulnerability
CVE-2025-21105
7.8 - High
- February 20, 2025
Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down the server, modifying the configuration leading to gain access to unauthorized data.
Authorization
Dell RVM 6.0.x DoS via RPA Persistent Exploit
CVE-2024-47984
6.5 - Medium
- December 13, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability. A User with Remote access could potentially exploit this vulnerability, leading to the disruption of most functionalities of the RPA persistent after reboot, resulting in need of technical support intervention in getting system back to stable state.
Improper Filtering of Special Elements
CVE-2024-28980 Dell RPVM 6.0.x Remote Exec via Poor SSH Crypto
CVE-2024-28980
9.8 - Critical
- December 13, 2024
Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.
Use of a Broken or Risky Cryptographic Algorithm
Dell RecoverPoint 6.0.x Improper Access Control
CVE-2024-24902
5.5 - Medium
- December 13, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper access control vulnerability. A low privileged local attacker could potentially exploit this vulnerability leading to gaining access to unauthorized data for a limited time.
Authorization
Dell RecoverPoint for Virtual Machines OS Command Injection Vulnerability
CVE-2024-48008
6.5 - Medium
- December 13, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low privileged remote attacker could potentially exploit this vulnerability leading to information disclosure ,allowing of unintended actions like reading files that may contain sensitive information
Shell injection
Dell RecoverPoint for Virtual Machines Hard-Coded Credentials Vulnerability
CVE-2024-48007
9.8 - Critical
- December 13, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability. A Remote unauthenticated attacker could potentially exploit this vulnerability by gaining access to the source code, easily retrieving these secrets and reusing them to access the system leading to gaining access to unauthorized data.
Use of Hard-coded Credentials
Dell RecoverPoint for VMs Authentication Bypass Vulnerability
CVE-2024-38488
9.8 - Critical
- December 13, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of Excessive Authentication vulnerability where a Network attacker could potentially exploit this vulnerability, leading to a brute force attack or a dictionary attack against the RecoverPoint login form and a complete system compromise. This allows attackers to brute-force the password of valid users in an automated manner.
Improper Restriction of Excessive Authentication Attempts
Dell RecoverPoint for Virtual Machines OS Command Injection Vulnerability
CVE-2024-22461
8.8 - High
- December 13, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged remote attacker could potentially exploit this vulnerability by running any command as root, leading to gaining of root-level access and compromise of complete system.
Shell injection
Dell RecoverPoint VM 5.3.x/6.0.SP1 OS Command Injection Vulnerability
CVE-2024-22426
9.8 - Critical
- February 16, 2024
Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user, resulting in a complete system compromise.
Shell injection
Dell RecoverPoint for Virtual Machines 5.3.x/6.0.SP1 BruteForce Login Attack
CVE-2024-22425
9.8 - Critical
- February 16, 2024
Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form. This allows attackers to brute-force the password of valid users in an automated manner.
Improper Restriction of Excessive Authentication Attempts
Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI
CVE-2019-3727
6.7 - Medium
- May 15, 2019
Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. A malicious boxmgmt user may potentially be able to execute arbitrary commands as root.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Dell Recoverpoint Virtual Machines or by Dell? Click the Watch button to subscribe.
