DSA-2025-333: Security Update for Dell PowerProtect Data Domain Multiple Vulnerabilities

Summary: Dell PowerProtect Data Domain remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

High

Details

Third-Party Component

CVEs

More Information

IDRAC9

CVE-2025-22397

DSA-2025-376

BASFE SSL-J

CVE-2024-29171, CVE-2024-29172

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Bind

CVE-2024-11187

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Certifi

CVE-2024-39689

 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

configobj

CVE-2023-26112

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Cpython

CVE-2024-7592, CVE-2024-6232, CVE-2024-3219, CVE-2024-6923, CVE-2022-40899

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

CPython "venv"

CVE-2024-9287

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

curl

CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

FreeType

CVE-2025-27363

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Glib

CVE-2024-34397

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

GNOME Glib

CVE-2024-52533

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

GNU C Library

CVE-2025-0395

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

grub2

CVE-2025-1125, CVE-2025-1118, CVE-2025-0690, CVE-2025-0689, CVE-2025-0686, CVE-2025-0685, CVE-2025-0684, CVE-2025-0678, CVE-2025-0677, CVE-2025-0624, CVE-2025-0622, CVE-2024-56737, CVE-2024-45783, CVE-2024-45782, CVE-2024-45781, CVE-2024-45780, CVE-2024-45779, CVE-2024-45778, CVE-2024-45777, CVE-2024-45776, CVE-2024-45775, CVE-2024-45774

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

HTTP/2

CVE-2023-44487

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Jinja

CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Kernel

CVE-2021-22543, CVE-2021-37159, CVE-2021-47634, CVE-2021-47644, CVE-2022-2991, CVE-2022-48636, CVE-2022-48650, CVE-2022-48664, CVE-2022-48953, CVE-2022-48975, CVE-2022-49006, CVE-2022-49076, CVE-2022-49080, CVE-2022-49089, CVE-2022-49124, CVE-2022-49134, CVE-2022-49135, CVE-2022-49151, CVE-2022-49178, CVE-2022-49182, CVE-2022-49201, CVE-2022-49247, CVE-2022-49490, CVE-2022-49626, CVE-2022-49661, CVE-2023-0394, CVE-2023-6606, CVE-2023-52572, CVE-2023-52646, CVE-2023-52653, CVE-2023-52853, CVE-2023-52924, CVE-2024-23307, CVE-2024-26810, CVE-2024-26929, CVE-2024-26930, CVE-2024-26931, CVE-2024-27054, CVE-2024-27388, CVE-2024-27397, CVE-2024-47701, CVE-2024-49867, CVE-2024-49884, CVE-2024-49950, CVE-2024-49963, CVE-2024-49975, CVE-2024-50036, CVE-2024-50067, CVE-2024-50073, CVE-2024-50115, CVE-2024-50251, CVE-2024-50304, CVE-2024-53173, CVE-2024-53217, CVE-2024-53239, CVE-2024-56539, CVE-2024-56605, CVE-2024-56633, CVE-2024-56647, CVE-2024-56658, CVE-2024-56688, CVE-2024-57896, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21690, CVE-2025-21700, CVE-2025-21753, CVE-2024-56533, CVE-2024-56532, CVE-2024-56369, CVE-2024-55916, CVE-2024-53227, CVE-2024-53197, CVE-2024-53185, CVE-2024-53155, CVE-2024-52332, CVE-2024-50142, CVE-2024-49948, CVE-2024-48881, CVE-2024-47809, CVE-2024-26644, CVE-2021-47223, CVE-2021-47222, CVE-2024-57890, CVE-2024-57884, CVE-2024-56769, CVE-2024-56763, CVE-2024-56759, CVE-2024-56748, CVE-2024-56747, CVE-2024-56739, CVE-2024-56722, CVE-2024-56700, CVE-2024-56681, CVE-2024-56662, CVE-2024-56661, CVE-2024-56650, CVE-2024-56643, CVE-2024-56641, CVE-2024-56637, CVE-2024-56630, CVE-2024-56623, CVE-2024-56615, CVE-2024-56601, CVE-2024-56600, CVE-2024-56594, CVE-2024-56593, CVE-2024-56574, CVE-2021-46936, CVE-2021-47163, CVE-2021-47416, CVE-2021-47612, CVE-2022-48788, CVE-2022-48789, CVE-2022-48790, CVE-2022-48809, CVE-2022-48946, CVE-2022-48949, CVE-2022-48951, CVE-2022-48956, CVE-2022-48958, CVE-2022-48960, CVE-2022-48962, CVE-2022-48966, CVE-2022-48967, CVE-2022-48969, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2022-48978, CVE-2022-48985, CVE-2022-48988, CVE-2022-48991, CVE-2022-48992, CVE-2022-48997, CVE-2022-49000, CVE-2022-49002, CVE-2024-50033, CVE-2024-50035, CVE-2024-50045, CVE-2024-50047, CVE-2024-50058, CVE-2025-21682, CVE-2025-21678, CVE-2025-21664, CVE-2025-21653, CVE-2024-57938, CVE-2024-57932, CVE-2024-57931, CVE-2024-57929, CVE-2024-57922, CVE-2024-57903, CVE-2024-57899, CVE-2025-21673 , CVE-2025-21689 , CVE-2024-56548

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libexpat1

CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libtasn1

CVE-2024-12133

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libxml2

CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

NGINX

CVE-2024-7347

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

OpenSSL

CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-13176

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

OpenTelemetry-Go

CVE-2023-45142, CVE-2023-47108, CVE-2024-41110

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

PostgreSQL libpq

CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

ps utility

CVE-2023-4016

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Requests

CVE-2024-35195, CVE-2023-32681

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

rsync

CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

setuptools

CVE-2024-6345

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

sqlite

CVE-2023-7104

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Sudo

CVE-2021-3156

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

systemd-resolved

CVE-2023-7008

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

ucode-intel

CVE-2024-31068, CVE-2024-36293, CVE-2024-37020, CVE-2024-39355, CVE-2024-21820, CVE-2024-21853, CVE-2024-23918

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

urllib3

CVE-2024-37891

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

WEBrick toolkit

CVE-2024-47220

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

X.Org and Xwayland

CVE-2025-26597

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

xz

CVE-2024-47611, CVE-2020-22916

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-43914

Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

7.5

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43890

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43906

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43911

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43907

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Path Traversal: '.../...//' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43908

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43934

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Unauthorized access.

6.0

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43889

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43891

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an use of a Broken or Risky Cryptographic Algorithm vulnerability in the Authentication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43912

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43913

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DDOS. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

5.3

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-45375

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

4.4

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43905

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

4.3

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43909

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DD boost. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43910

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

2.3

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-43914

Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

7.5

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43890

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43906

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43911

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43907

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Path Traversal: '.../...//' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43908

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43934

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Unauthorized access.

6.0

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43889

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43891

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an use of a Broken or Risky Cryptographic Algorithm vulnerability in the Authentication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43912

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43913

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DDOS. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

5.3

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-45375

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

4.4

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43905

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

4.3

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43909

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DD boost. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43910

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

2.3

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-22397

DD OS 8.4

Dell PowerProtect Data Domain series appliances

Versions 7.7.1.0 through 8.4.0.0

Version 8.4.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DD OS 8.3.1

Dell PowerProtect Data Domain series appliances

Versions 8.3.1.0

Version 8.3.1.10 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DDOS 7.10.1

Dell PowerProtect Data Domain series appliances

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-43889

DD OS 8.4

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, Dell APEX Protection Storage, and Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.4.0.0

Version 8.5.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-43914

DD OS 8.4

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DD OS 8.3.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2025 8.3.1

Versions 8.3.1.0

Version 8.3.1.10 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DD OS 7.13.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DDOS 7.10.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Boost – File System | Dell US

CVE-2024-29171,  CVE-2024-29172, CVE-2024-39689, CVE-2025-27687, CVE-2024-35195, CVE-2022-40899, CVE-2024-7592, CVE-2024-2511, CVE-2024-37891, CVE-2023-32681, CVE-2024-47611, CVE-2024-6232, CVE-2020-22916, CVE-2024-3219, CVE-2024-6923, CVE-2024-6345, CVE-2023-7104, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910

DD OS 8.4

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-39689, CVE-2025-27687, CVE-2024-35195, CVE-2022-40899,CVE-2024-7592, CVE-2024-2511,CVE-2024-37891,CVE-2023-32681,CVE-2024-47611,CVE-2024-6232,CVE-2020-22916,CVE-2024-3219,CVE-2024-6923,CVE-2024-6345, CVE-2023-7104, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891,CVE-2025-43912,CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910

DD OS 8.3.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2025 8.3.1

Versions 8.3.1.0

Version 8.3.1.10 or later

 Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910, CVE-2025-43889

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890 ,CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910, CVE-2025-43889

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 8.4

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 8.3.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2025 8.3.1

Version 8.3.1.0

Version 8.3.1.10 or later

 Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 7.13.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977 ,CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906,  CVE-2025-43908, CVE-2025-43910

DD OS 7.10.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2025-27516, CVE-2025-27363, CVE-2025-27113, CVE-2025-26597, CVE-2025-26465, CVE-2025-24928, CVE-2025-24528, CVE-2025-21753, CVE-2025-21700, CVE-2025-21690, CVE-2025-21689, CVE-2025-21682, CVE-2025-21678, CVE-2025-21673, CVE-2025-21664, CVE-2025-21653, CVE-2025-21640, CVE-2025-21639, CVE-2025-21638, CVE-2025-1125, CVE-2025-1118, CVE-2025-1094, CVE-2025-0725, CVE-2025-0690, CVE-2025-0689, CVE-2025-0686, CVE-2025-0685, CVE-2025-0684, CVE-2025-0678, CVE-2025-0677, CVE-2025-0624, CVE-2025-0622, CVE-2025-0395, CVE-2025-0167, CVE-2024-9681, CVE-2024-9287, CVE-2024-9143, CVE-2024-7347, CVE-2024-57938, CVE-2024-57932, CVE-2024-57931, CVE-2024-57929, CVE-2024-57922, CVE-2024-57903, CVE-2024-57899, CVE-2024-57896, CVE-2024-57890, CVE-2024-57884, CVE-2024-56769, CVE-2024-56763, CVE-2024-56759, CVE-2024-56748, CVE-2024-56747, CVE-2024-56739, CVE-2024-56737, CVE-2024-56722, CVE-2024-56700, CVE-2024-56688, CVE-2024-56681, CVE-2024-56662, CVE-2024-56661, CVE-2024-56658, CVE-2024-56650, CVE-2024-56647, CVE-2024-56643, CVE-2024-56641, CVE-2024-56637, CVE-2024-56633, CVE-2024-56630, CVE-2024-56623, CVE-2024-56615, CVE-2024-56605, CVE-2024-56601, CVE-2024-56600, CVE-2024-56594, CVE-2024-56593, CVE-2024-56574, CVE-2024-56548, CVE-2024-56539, CVE-2024-56533, CVE-2024-56532, CVE-2024-56369, CVE-2024-56326, CVE-2024-56201, CVE-2024-56171, CVE-2024-55916, CVE-2024-5535, CVE-2024-53239, CVE-2024-53227, CVE-2024-53217, CVE-2024-53197, CVE-2024-53185, CVE-2024-53173, CVE-2024-53155, CVE-2024-52533, CVE-2024-52332, CVE-2024-50602, CVE-2024-50304, CVE-2024-50251, CVE-2024-50142, CVE-2024-50115, CVE-2024-50073, CVE-2024-50067, CVE-2024-50058, CVE-2024-50047, CVE-2024-50045, CVE-2024-50036, CVE-2024-50035, CVE-2024-50033, CVE-2024-49975, CVE-2024-49963, CVE-2024-49950, CVE-2024-49948, CVE-2024-49884, CVE-2024-49867, CVE-2024-48881, CVE-2024-47809, CVE-2024-47701, CVE-2024-47220, CVE-2024-45783, CVE-2024-45782, CVE-2024-45781, CVE-2024-45780, CVE-2024-45779, CVE-2024-45778, CVE-2024-45777, CVE-2024-45776, CVE-2024-45775, CVE-2024-45774, CVE-2024-45492, CVE-2024-45491, CVE-2024-45490, CVE-2024-41110, CVE-2024-39355, CVE-2024-37020, CVE-2024-36293, CVE-2024-34459, CVE-2024-34397, CVE-2024-34064, CVE-2024-31068, CVE-2024-29172, CVE-2024-29171, CVE-2024-27397, CVE-2024-27388, CVE-2024-27054, CVE-2024-26931, CVE-2024-26930, CVE-2024-26929, CVE-2024-26810, CVE-2024-26644, CVE-2024-2511, CVE-2024-23918, CVE-2024-23307, CVE-2024-22195, CVE-2024-21853, CVE-2024-21820, CVE-2024-13176, CVE-2024-12747, CVE-2024-12133, CVE-2024-12088, CVE-2024-12087, CVE-2024-12086, CVE-2024-12085, CVE-2024-11187, CVE-2024-11053, CVE-2024-10979, CVE-2024-10978, CVE-2024-10977, CVE-2024-10976, CVE-2023-7008, CVE-2023-6606, CVE-2023-52924, CVE-2023-52853, CVE-2023-52653, CVE-2023-52646, CVE-2023-52572, CVE-2023-50782, CVE-2023-47108, CVE-2023-45142, CVE-2023-44487, CVE-2023-4016, CVE-2023-26112, CVE-2023-0394, CVE-2022-49661, CVE-2022-49626, CVE-2022-49490, CVE-2022-49247, CVE-2022-49201, CVE-2022-49182, CVE-2022-49178, CVE-2022-49151, CVE-2022-49135, CVE-2022-49134, CVE-2022-49124, CVE-2022-49089, CVE-2022-49080, CVE-2022-49076, CVE-2022-49043, CVE-2022-49006, CVE-2022-49002, CVE-2022-49000, CVE-2022-48997, CVE-2022-48992, CVE-2022-48991, CVE-2022-48988, CVE-2022-48985, CVE-2022-48978, CVE-2022-48975, CVE-2022-48973, CVE-2022-48972, CVE-2022-48971, CVE-2022-48969, CVE-2022-48967, CVE-2022-48966, CVE-2022-48962, CVE-2022-48960, CVE-2022-48958, CVE-2022-48956, CVE-2022-48953, CVE-2022-48951, CVE-2022-48949, CVE-2022-48946, CVE-2022-48809, CVE-2022-48790, CVE-2022-48789, CVE-2022-48788, CVE-2022-48664, CVE-2022-48650, CVE-2022-48636, CVE-2022-2991, CVE-2021-47644, CVE-2021-47634, CVE-2021-47612, CVE-2021-47416, CVE-2021-47223, CVE-2021-47222, CVE-2021-47163, CVE-2021-46936, CVE-2021-37159, CVE-2021-3156, CVE-2021-22543

DD OS 8.4

Dell PowerProtect Data Domain Management Center with SmartScale feature with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-22397

DD OS 8.4

Dell PowerProtect Data Domain series appliances

Versions 7.7.1.0 through 8.4.0.0

Version 8.4.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DD OS 8.3.1

Dell PowerProtect Data Domain series appliances

Versions 8.3.1.0

Version 8.3.1.10 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DDOS 7.10.1

Dell PowerProtect Data Domain series appliances

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-43889

DD OS 8.4

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, Dell APEX Protection Storage, and Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.4.0.0

Version 8.5.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-43914

DD OS 8.4

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DD OS 8.3.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2025 8.3.1

Versions 8.3.1.0

Version 8.3.1.10 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DD OS 7.13.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DDOS 7.10.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Boost – File System | Dell US

CVE-2024-29171,  CVE-2024-29172, CVE-2024-39689, CVE-2025-27687, CVE-2024-35195, CVE-2022-40899, CVE-2024-7592, CVE-2024-2511, CVE-2024-37891, CVE-2023-32681, CVE-2024-47611, CVE-2024-6232, CVE-2020-22916, CVE-2024-3219, CVE-2024-6923, CVE-2024-6345, CVE-2023-7104, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910

DD OS 8.4

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-39689, CVE-2025-27687, CVE-2024-35195, CVE-2022-40899,CVE-2024-7592, CVE-2024-2511,CVE-2024-37891,CVE-2023-32681,CVE-2024-47611,CVE-2024-6232,CVE-2020-22916,CVE-2024-3219,CVE-2024-6923,CVE-2024-6345, CVE-2023-7104, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891,CVE-2025-43912,CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910

DD OS 8.3.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2025 8.3.1

Versions 8.3.1.0

Version 8.3.1.10 or later

 Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910, CVE-2025-43889

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890 ,CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910, CVE-2025-43889

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 8.4

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 8.3.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2025 8.3.1

Version 8.3.1.0

Version 8.3.1.10 or later

 Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 7.13.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977 ,CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906,  CVE-2025-43908, CVE-2025-43910

DD OS 7.10.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2025-27516, CVE-2025-27363, CVE-2025-27113, CVE-2025-26597, CVE-2025-26465, CVE-2025-24928, CVE-2025-24528, CVE-2025-21753, CVE-2025-21700, CVE-2025-21690, CVE-2025-21689, CVE-2025-21682, CVE-2025-21678, CVE-2025-21673, CVE-2025-21664, CVE-2025-21653, CVE-2025-21640, CVE-2025-21639, CVE-2025-21638, CVE-2025-1125, CVE-2025-1118, CVE-2025-1094, CVE-2025-0725, CVE-2025-0690, CVE-2025-0689, CVE-2025-0686, CVE-2025-0685, CVE-2025-0684, CVE-2025-0678, CVE-2025-0677, CVE-2025-0624, CVE-2025-0622, CVE-2025-0395, CVE-2025-0167, CVE-2024-9681, CVE-2024-9287, CVE-2024-9143, CVE-2024-7347, CVE-2024-57938, CVE-2024-57932, CVE-2024-57931, CVE-2024-57929, CVE-2024-57922, CVE-2024-57903, CVE-2024-57899, CVE-2024-57896, CVE-2024-57890, CVE-2024-57884, CVE-2024-56769, CVE-2024-56763, CVE-2024-56759, CVE-2024-56748, CVE-2024-56747, CVE-2024-56739, CVE-2024-56737, CVE-2024-56722, CVE-2024-56700, CVE-2024-56688, CVE-2024-56681, CVE-2024-56662, CVE-2024-56661, CVE-2024-56658, CVE-2024-56650, CVE-2024-56647, CVE-2024-56643, CVE-2024-56641, CVE-2024-56637, CVE-2024-56633, CVE-2024-56630, CVE-2024-56623, CVE-2024-56615, CVE-2024-56605, CVE-2024-56601, CVE-2024-56600, CVE-2024-56594, CVE-2024-56593, CVE-2024-56574, CVE-2024-56548, CVE-2024-56539, CVE-2024-56533, CVE-2024-56532, CVE-2024-56369, CVE-2024-56326, CVE-2024-56201, CVE-2024-56171, CVE-2024-55916, CVE-2024-5535, CVE-2024-53239, CVE-2024-53227, CVE-2024-53217, CVE-2024-53197, CVE-2024-53185, CVE-2024-53173, CVE-2024-53155, CVE-2024-52533, CVE-2024-52332, CVE-2024-50602, CVE-2024-50304, CVE-2024-50251, CVE-2024-50142, CVE-2024-50115, CVE-2024-50073, CVE-2024-50067, CVE-2024-50058, CVE-2024-50047, CVE-2024-50045, CVE-2024-50036, CVE-2024-50035, CVE-2024-50033, CVE-2024-49975, CVE-2024-49963, CVE-2024-49950, CVE-2024-49948, CVE-2024-49884, CVE-2024-49867, CVE-2024-48881, CVE-2024-47809, CVE-2024-47701, CVE-2024-47220, CVE-2024-45783, CVE-2024-45782, CVE-2024-45781, CVE-2024-45780, CVE-2024-45779, CVE-2024-45778, CVE-2024-45777, CVE-2024-45776, CVE-2024-45775, CVE-2024-45774, CVE-2024-45492, CVE-2024-45491, CVE-2024-45490, CVE-2024-41110, CVE-2024-39355, CVE-2024-37020, CVE-2024-36293, CVE-2024-34459, CVE-2024-34397, CVE-2024-34064, CVE-2024-31068, CVE-2024-29172, CVE-2024-29171, CVE-2024-27397, CVE-2024-27388, CVE-2024-27054, CVE-2024-26931, CVE-2024-26930, CVE-2024-26929, CVE-2024-26810, CVE-2024-26644, CVE-2024-2511, CVE-2024-23918, CVE-2024-23307, CVE-2024-22195, CVE-2024-21853, CVE-2024-21820, CVE-2024-13176, CVE-2024-12747, CVE-2024-12133, CVE-2024-12088, CVE-2024-12087, CVE-2024-12086, CVE-2024-12085, CVE-2024-11187, CVE-2024-11053, CVE-2024-10979, CVE-2024-10978, CVE-2024-10977, CVE-2024-10976, CVE-2023-7008, CVE-2023-6606, CVE-2023-52924, CVE-2023-52853, CVE-2023-52653, CVE-2023-52646, CVE-2023-52572, CVE-2023-50782, CVE-2023-47108, CVE-2023-45142, CVE-2023-44487, CVE-2023-4016, CVE-2023-26112, CVE-2023-0394, CVE-2022-49661, CVE-2022-49626, CVE-2022-49490, CVE-2022-49247, CVE-2022-49201, CVE-2022-49182, CVE-2022-49178, CVE-2022-49151, CVE-2022-49135, CVE-2022-49134, CVE-2022-49124, CVE-2022-49089, CVE-2022-49080, CVE-2022-49076, CVE-2022-49043, CVE-2022-49006, CVE-2022-49002, CVE-2022-49000, CVE-2022-48997, CVE-2022-48992, CVE-2022-48991, CVE-2022-48988, CVE-2022-48985, CVE-2022-48978, CVE-2022-48975, CVE-2022-48973, CVE-2022-48972, CVE-2022-48971, CVE-2022-48969, CVE-2022-48967, CVE-2022-48966, CVE-2022-48962, CVE-2022-48960, CVE-2022-48958, CVE-2022-48956, CVE-2022-48953, CVE-2022-48951, CVE-2022-48949, CVE-2022-48946, CVE-2022-48809, CVE-2022-48790, CVE-2022-48789, CVE-2022-48788, CVE-2022-48664, CVE-2022-48650, CVE-2022-48636, CVE-2022-2991, CVE-2021-47644, CVE-2021-47634, CVE-2021-47612, CVE-2021-47416, CVE-2021-47223, CVE-2021-47222, CVE-2021-47163, CVE-2021-46936, CVE-2021-37159, CVE-2021-3156, CVE-2021-22543

DD OS 8.4

Dell PowerProtect Data Domain Management Center with SmartScale feature with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)
Note:

Revision History

Revision

Date

Description

1.0

2025-10-01

Initial Release

2.0

2025-10-07

Updated Proprietary Code section — revised CVSS Base Score to 6.4 for CVE-2025-43908

3.0

2025-10-24

Updated for clarity with no major changes to content

4.0

2025-11-11

Updated Third Party Components and Affected Products and Remediation section: CVE-2025-22397

5.0

2025-12-02

Updated Affected Products and Remediation section: removed duplicate CVE ID: CVE-2020-13936

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

Data Domain, Data Domain Boost – File System, Data Domain Boost - Open Storage, Data Domain Deduplication Storage Systems, Data Domain Encryption, Data Domain Extended Retention, Data Domain Replicator, Data Domain Retention Lock , Data Domain Virtual Tape Library, Data Domain Virtual Tape Library for IBM I/OS, DD OS, DD OS 7.10, DD OS 7.11, DD OS 7.12, DD OS 7.13, DD OS 8.1, DD OS 8.3, DD OS 8.4, DD OS 8.5, DD OS 8.0, DD OS Licensed Features, Data Domain Virtual Edition, PowerProtect Data Domain Management Center, PowerProtect Data Domain All-Flash Ready Node ...
Article Properties
Article Number: 000376224
Article Type: Dell Security Advisory
Last Modified: 03 Dec 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.