CVE-2026-23853
HIGHDescription
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to the system.
Is your site exposed to CVE-2026-23853?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| dell | powerprotect_dp_series_appliance |
| dell | data_domain_operating_system |
| dell | data_domain_operating_system |
| dell | data_domain_operating_system |
References
Frequently Asked Questions
What is CVE-2026-23853? +
How severe is CVE-2026-23853? +
What products are affected by CVE-2026-23853? +
How do I check if I'm vulnerable to CVE-2026-23853? +
Related Vulnerabilities
Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. …
A vulnerability exists in the netclient and factory services of Reolink Home Hub (versions prior to v3.3.0.456_26031911) due to the …
In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can …
Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials.
Longse model LBH30FE200W cameras, as well as products based on this device, make use of telnet passwords which follow a …
ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s date of birth (e.g., 12072000 …