Dell PowerProtect Data Domain DD OS 8.4-8.5 Improper Auth
CVE-2025-46641 Published on April 17, 2026

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2025-46641 can be exploited with network access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

NETWORK

Attack Complexity:

HIGH

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is an authentification Vulnerability?

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

CVE-2025-46641 has been classified to as an authentification vulnerability or weakness.

Affected Versions

Dell PowerProtect Data Domain:

Before 8.6.0.0 or later is affected.

Dell PowerProtect Data Domain DD OS 8.4-8.5 Improper AuthCVE-2025-46641 Published on April 17, 2026

Vulnerability Analysis

Weakness Type

What is an authentification Vulnerability?

Affected Versions

Dell PowerProtect Data Domain DD OS 8.4-8.5 Improper Auth
CVE-2025-46641 Published on April 17, 2026