Dell PowerProtect DD Risky Crypto CVE-2025-22475 (8.3/7.10.1.50/7.13.1.10)
CVE-2025-22475 Published on February 4, 2025
Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote attacker could potentially exploit this vulnerability, leading to Information tampering.
Vulnerability Analysis
CVE-2025-22475 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.
Weakness Type
Use of a Risky Cryptographic Primitive
This device implements a cryptographic algorithm using a non-standard or unproven cryptographic primitive.
Products Associated with CVE-2025-22475
Want to know whenever a new CVE is published for Dell Data Domain Operating System? stack.watch will email you.
Affected Versions
Dell PowerProtect DD:- Version 7.7.1.0, <= 8.1.0.10 is affected.
- Version 7.13.1.0, <= 7.13.1.10 is affected.
- Version 7.10.1.0, <= 7.10.1.40 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.