DSA-2025-113: Security Update for Dell PowerProtect Cyber Recovery

Summary: Dell PowerProtect Cyber Recovery remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Third-party Component

CVEs

More Information

libglib-2_0-0

CVE-2024-52533, CVE-2024-34397

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

curl

CVE-2024-9681

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libopenssl1_1

CVE-2023-50782

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libprotobuf-lite25_1_0

CVE-2024-7254

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libssl3, libcrypto3

CVE-2024-9143, CVE-2024-6119, CVE-2024-4603

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

nodejs

CVE-2024-22018, CVE-2024-22020, CVE-2024-36137

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libexpat

CVE-2024-45492, CVE-2024-45491, CVE-024-45490

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libcurl,curl

CVE-2024-6874, CVE-2024-6197, CVE-2024-0853, CVE-2024-2379, CVE-2024-2466

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libaom3

CVE-2024-5171

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libheif1

CVE-2023-29659, CVE-2023-49462, CVE-2024-41311

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

kernel-default=5.14.21-150400.24.150.1

CVE-2020-12770, CVE-2021-38160, CVE-2022-49035, CVE-2024-50199, CVE-2024-53095, CVE-2024-53104, CVE-2024-53142, CVE-2024-53146, CVE-2024-53156, CVE-2024-53166, CVE-2024-53173, CVE-2024-53177, CVE-2024-53179, CVE-2024-53214, CVE-2024-53239, CVE-2024-53240, CVE-2024-53241, CVE-2024-56539, CVE-2024-56548, CVE-2024-56570, CVE-2024-56598, CVE-2024-56600, CVE-2024-56601, CVE-2024-56602, CVE-2024-56604, CVE-2024-56605, CVE-2024-56619, CVE-2024-56623, CVE-2024-56631, CVE-2024-56642, CVE-2024-56645, CVE-2024-56648, CVE-2024-56650, CVE-2024-56658, CVE-2024-56661, CVE-2024-56664, CVE-2024-56704, CVE-2024-56759, CVE-2024-57791, CVE-2024-57792, CVE-2024-57798, CVE-2024-57849, CVE-2024-57893, CVE-2024-57897, CVE-2024-8805

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

glibc-extra=2.31-150300.92.1

glibc-lang=2.31-150300.92.1

glibc-locale-base=2.31-150300.92.1

CVE-2025-0395

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

bind-utils=9.16.50-150400.5.46.1

python3-bind=9.16.50-150400.5.46.1

CVE-2024-11187

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

openssh-clients=8.4p1-150300.3.42.1

CVE-2025-26465

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libopenssl1_1-hmac=1.1.1l-150400.7.78.1

CVE-2024-13176

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

git-core=2.35.3-150300.10.48.1

CVE-2024-50349, CVE-2024-52006

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libtasn1-6=4.13-150000.4.11.1

CVE-2024-12133

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

curl=8.0.1-150400.5.62.1

libcurl4=8.0.1-150400.5.62.1

CVE-2024-11053, CVE-2025-0167, CVE-2025-0725

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

grub2-systemd-sleep-plugin=2.06-150400.11.55.2

CVE-2024-45774, CVE-2024-45775, CVE-2024-45776, CVE-2024-45777, CVE-2024-45778, CVE-2024-45779, CVE-2024-45780, CVE-2024-45781, CVE-2024-45782, CVE-2024-45783, CVE-2024-56737, CVE-2025-0622, CVE-2025-0624, CVE-2025-0677, CVE-2025-0678, CVE-2025-0684, CVE-2025-0685, CVE-2025-0686, CVE-2025-0689, CVE-2025-0690, CVE-2025-1118, CVE-2025-1125

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libxml2-2=2.9.14-150400.5.35.1

CVE-2022-49043

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-26335

Dell PowerProtect Cyber Recovery, versions prior to 19.18.0.2, contains an Insertion of Sensitive Information Into Sent Data vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

5.8

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-26335

Dell PowerProtect Cyber Recovery, versions prior to 19.18.0.2, contains an Insertion of Sensitive Information Into Sent Data vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

5.8

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

PowerProtect Cyber Recovery

Cyber Recovery Software

Versions 19.13.0 through 19.19.0

Version 19.19.0.1 or later

PowerProtect Cyber Recovery Downloads & Drivers

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

PowerProtect Cyber Recovery

Cyber Recovery Software

Versions 19.13.0 through 19.19.0

Version 19.19.0.1 or later

PowerProtect Cyber Recovery Downloads & Drivers

Revision History

Revision

Date

Description

1.0

2025-04-09

Initial Release

2.0

2025-04-16

Updated the Affected and Remediated Versions

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerProtect Cyber Recovery, Cyber Recovery Series
Article Properties
Article Number: 000306005
Article Type: Dell Security Advisory
Last Modified: 16 Apr 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.