Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Sign In Create an Account Premier Sign In Dell Financial Services Partner Program Sign In
Contact Us

Your Dell.com Carts

Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

DSA-2025-139: Dell Technologies PowerProtect Data Domain Security Update for a Security Vulnerability

Summary: Dell Technologies PowerProtect Data Domain remediation is available for a security vulnerability that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

High

Details

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-29987 Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges. 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-29987 Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges. 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-29987

DD OS 8.3

Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect Data Domain Operating System (DD OS)

Versions 7.7.1.0 through 8.3.0.10

Version 8.3.0.15 or later

PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article
Support for Data Domain Operating System (DD OS) | Drivers & Downloads

CVE-2025-29987

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.20

Version 7.13.1.25 or later

PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article
Support for Data Domain Operating System (DD OS) | Drivers & Downloads

CVE-2025-29987

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article
Support for Data Domain Operating System (DD OS) | Drivers & Downloads

CVE-2025-29987

PowerProtect DP Series Appliance (IDPA)

PowerProtect DP Series Software

Versions 2.7.6, 2.7.7, and 2.7.8

Versions 2.7.6, 2.7.7, and 2.7.8 with DD OS 7.10.1.60

PowerProtect DD OS LTS2023 7.10.1.60 Upgrade

CVE-2025-29987

Disk Library for mainframe DLm8500

PowerProtect Data Domain Operating System (DD OS) leveraged in the Disk Library for Mainframe (DLm) environment; DLm 5.4.0.0 or later to upgrade with DD OS 7.10.1.60

Version 5.4.0.0

Version 5.4.0.0 or later with DD OS 7.10.1.60

PowerProtect DD OS LTS2023 7.10.1.60 Upgrade

CVE-2025-29987

Disk Library for mainframe DLm8700

PowerProtect Data Domain Operating System (DD OS) leveraged in the Disk Library for Mainframe (DLm) environment; DLm 7.0.0.0 or later to upgrade with DD OS 7.10.1.60

Version 7.0.0.0

Version 7.0.0.0 or later with DD OS 7.10.1.60

PowerProtect DD OS LTS2023 7.10.1.60 Upgrade
CVE-2025-29987

PowerProtect DM5500

PowerProtect Data Manager Appliance (DM5500) 

Versions 5.12 through 5.18.0.1

Version 5.19.0.0 or later

Support for PowerProtect DM5500 | Drivers & Downloads

 

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-29987

DD OS 8.3

Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect Data Domain Operating System (DD OS)

Versions 7.7.1.0 through 8.3.0.10

Version 8.3.0.15 or later

PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article
Support for Data Domain Operating System (DD OS) | Drivers & Downloads

CVE-2025-29987

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.20

Version 7.13.1.25 or later

PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article
Support for Data Domain Operating System (DD OS) | Drivers & Downloads

CVE-2025-29987

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article
Support for Data Domain Operating System (DD OS) | Drivers & Downloads

CVE-2025-29987

PowerProtect DP Series Appliance (IDPA)

PowerProtect DP Series Software

Versions 2.7.6, 2.7.7, and 2.7.8

Versions 2.7.6, 2.7.7, and 2.7.8 with DD OS 7.10.1.60

PowerProtect DD OS LTS2023 7.10.1.60 Upgrade

CVE-2025-29987

Disk Library for mainframe DLm8500

PowerProtect Data Domain Operating System (DD OS) leveraged in the Disk Library for Mainframe (DLm) environment; DLm 5.4.0.0 or later to upgrade with DD OS 7.10.1.60

Version 5.4.0.0

Version 5.4.0.0 or later with DD OS 7.10.1.60

PowerProtect DD OS LTS2023 7.10.1.60 Upgrade

CVE-2025-29987

Disk Library for mainframe DLm8700

PowerProtect Data Domain Operating System (DD OS) leveraged in the Disk Library for Mainframe (DLm) environment; DLm 7.0.0.0 or later to upgrade with DD OS 7.10.1.60

Version 7.0.0.0

Version 7.0.0.0 or later with DD OS 7.10.1.60

PowerProtect DD OS LTS2023 7.10.1.60 Upgrade
CVE-2025-29987

PowerProtect DM5500

PowerProtect Data Manager Appliance (DM5500) 

Versions 5.12 through 5.18.0.1

Version 5.19.0.0 or later

Support for PowerProtect DM5500 | Drivers & Downloads

 

Caution: PowerProtect DP Series Appliance (IDPA): To remediate this vulnerability PowerProtect DP Series Appliances (IDPA) running versions 2.7.6, 2.7.7, and 2.7.8 must have DD OS upgraded to version 7.10.1.60. For comprehensive upgrade instructions, see the following Knowledge Base (KB) Articles: IDPA: Allowed Point Product Upgrades and PowerProtect Data Protection Appliance, IDPA: Procedure To Upgrade Protection Storage.
Note:

Revision History

Revision

Date

Description

1.0

2025-04-02

Initial Release

2.0

2025-04-02

Updated for enhanced presentation with no changes to content

3.02025-04-02Updated caution note details for IDPA, DD OS upgrade version is 7.10.1.60.
4.02025-04-03Updated upgrade links for DD OS and IDPA, added IDPA upgrade instructional KB Articles.
5.02025-04-03Updated Affected Products and Remediation section for PowerProtect DP Series Appliance (IDPA) upgrade instructions
6.02025-04-04Updated the Affected Products and Remediation section: Added Disk Library for mainframe DLm8700 and Disk Library for mainframe DLm8500 upgrade details.
7.02025-04-07Updated the Affected Products and Remediation section: Added PowerProtect DM5500
8.02025-04-28Updated Notes to include High Availability (HA) systems upgrade instruction link. 
9.02025-05-01Updated versioning for DM5500

 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

Data Domain, PowerProtect Data Protection Appliance, Disk Library, DD3300 Appliance, Data Domain Deduplication Storage Systems, DD OS, DD OS 7.10, DD OS 7.13, DD OS 7.8, DD OS 7.9, DD OS 8.1, DD OS 8.3, DD OS 8.0, DD OS Licensed Features , Data Domain Virtual Edition, DD6300 Appliance, DD6400 Appliance, DD6800 Appliance, DD6900 Appliance, DD9300 Appliance, DD9400 Appliance, DD9410 Appliance, DD9800 Appliance, DD990 Appliance, DD9910 Appliance, Disk Library for mainframe DLm8500, Disk Library for mainframe DLm8700, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, PowerProtect DM5500 ...

Products

PowerProtect Data Manager Appliance
Article Properties
Article Number: 000300899
Article Type: Dell Security Advisory
Last Modified: 01 May 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.