Dell PowerProtect DD OS (8.3.1.0) Broken Crypto Vulnerability
CVE-2025-43913 Published on October 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DDOS. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.
Vulnerability Analysis
CVE-2025-43913 can be exploited with network access, requires user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
Use of a Broken or Risky Cryptographic Algorithm
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information. The use of a non-standard algorithm is dangerous because a determined attacker may be able to break the algorithm and compromise whatever data has been protected. Well-known techniques may exist to break the algorithm.
Products Associated with CVE-2025-43913
Want to know whenever a new CVE is published for Dell Data Domain Operating System? stack.watch will email you.
Affected Versions
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release:- Version 7.7.1.0 and below 8.4.0.0 is affected.
- Version 8.3.1.0 and below 8.3.1.10 is affected.
- Version 7.13.1.0 and below 7.13.1.40 is affected.
- Version 7.10.1.0 and below 7.10.1.70 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.