DSA-2025-159: Security Update for Dell PowerProtect Data Domain Multiple Vulnerabilities

Summary: Dell PowerProtect Data Domain remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Third-Party Component

CVEs

More Information

IDRAC9

CVE-2023-52340, CVE-2024-42154

DSA-2024-460: Security Update for Dell iDRAC9 Vulnerabilities

Velocity

CVE-2020-13936

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

container-suseconnect

CVE-2024-24789, CVE-2024-24790, CVE-2024-24791

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

CUPS

CVE-2024-47850, CVE-2024-47176

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Curl

 

CVE-2024-8096, CVE-2024-7264, CVE-2024-9681

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

expat

CVE-2023-52425, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Glib2

CVE-2024-34397

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Kernel

CVE-2021-4440, CVE-2021-47257, CVE-2021-47289, CVE-2021-47341, CVE-2021-47373, CVE-2021-47425, CVE-2021-47549, CVE-2022-48751, CVE-2022-48769, CVE-2022-48786, CVE-2022-48822, CVE-2022-48865, CVE-2022-48875, CVE-2022-48896, CVE-2022-48899, CVE-2022-48905, CVE-2022-48910, CVE-2022-48919, CVE-2022-48920, CVE-2022-48925

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Openssl

CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libpcap

CVE-2024-8006, CVE-2023-7256

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

PostgreSQL

CVE-2024-4317, CVE-2024-7348

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Mesa

CVE-2023-45913, CVE-2023-45919, CVE-2023-45922

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

OpenIPMI

CVE-2024-42934

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

OpenSC

CVE-2024-8443, CVE-2024-45615, CVE-2024-45616, CVE-2024-45617, CVE-2024-45618, CVE-2024-45619, CVE-2024-45620

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Perl-DBI

CVE-2014-10401, CVE-2014-10402

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

CPython

CVE-2024-6923, CVE-2024-7592, CVE-2024-5642, CVE-2024-6232, CVE-2024-9287

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

runc

CVE-2024-45310

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Setuptools

CVE-2024-6345

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Ucode-intel

CVE-2024-24968, CVE-2024-23984

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

GNU Wget

CVE-2024-38428

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-36594

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Authentication Bypass by Spoofing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Remote unauthenticated user can create account that potentially expose customer info, affect system integrity and availability.

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-30099

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

7.8

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-30098

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-30097

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-30096

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43727

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an incorrect Implementation of Authentication Algorithm vulnerability in the RestAPI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-36565

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-36566

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-36569

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-36567

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-36594

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Authentication Bypass by Spoofing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Remote unauthenticated user can create account that potentially expose customer info, affect system integrity and availability.

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-30099

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

7.8

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-30098

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-30097

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-30096

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43727

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an incorrect Implementation of Authentication Algorithm vulnerability in the RestAPI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-36565

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-36566

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-36569

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-36567

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-36594

DD OS 8.3

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, Dell APEX Protection Storage, and Data Domain Management Center, with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.3.0.15

Version 8.3.1.0, 8.4.0.0, or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2025-36594

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage, and Data Domain Management Center, with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2025-36594

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage, and Data Domain Management Center, with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2023-52340, CVE-2024-42154, CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 8.3

Dell PowerProtect Data Domain series appliances with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.1.0.10

Version 8.3.0.10 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2023-52340, CVE-2024-42154, CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2023-52340, CVE-2024-42154, CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569,CVE-2025-36567

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 8.3

Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.1.0.10

Version 8.3.0.10 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 7.13.1

Dell PowerProtect Data Domain Virtual Edition and Dell APEX Protection Storage, with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 7.10.1

Dell PowerProtect Data Domain Virtual Edition and Dell APEX Protection Storage, with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-4317, CVE-2024-7348, CVE-2024-6232, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2024-6345, CVE-2024-38428, CVE-2025-36565

DD OS 8.3

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.1.0.10

Version 8.3.0.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-4317, CVE-2024-7348, CVE-2024-6232, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2024-6345, CVE-2024-38428, CVE-2025-36565

DD OS 7.13.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS), LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-4317, CVE-2024-7348, CVE-2024-6232, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2024-6345, CVE-2024-38428, CVE-2025-36565

DD OS 7.10.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS), LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-47850, CVE-2024-47176, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2023-52425, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2021-4440, CVE-2021-47257, CVE-2021-47289, CVE-2021-47341, CVE-2021-47373, CVE-2021-47425, CVE-2021-47549, CVE-2022-48751, CVE-2022-48769, CVE-2022-48786, CVE-2022-48822, CVE-2022-48865, CVE-2022-48875, CVE-2022-48896, CVE-2022-48899, CVE-2022-48905, CVE-2022-48910, CVE-2022-48919, CVE-2022-48920, CVE-2022-48925, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-8006, CVE-2023-7256, CVE-2024-4317, CVE-2024-7348, CVE-2023-45913, CVE-2023-45919, CVE-2023-45922, CVE-2024-42934, CVE-2024-8443, CVE-2024-45615, CVE-2024-45616, CVE-2024-45617, CVE-2024-45618, CVE-2024-45619, CVE-2024-45620, CVE-2014-10401, CVE-2014-10402, CVE-2024-6923, CVE-2024-7592, CVE-2024-5642, CVE-2024-6232, CVE-2024-9287, CVE-2024-45310, CVE-2024-6345, CVE-2024-24968, CVE-2024-23984, CVE-2024-38428, CVE-2025-36565

DD OS 8.3

Dell PowerProtect Data Domain Management Center with SmartScale feature with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.1.0.10

Version 8.3.0.10 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-47850, CVE-2024-47176, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2023-52425, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2021-4440, CVE-2021-47257, CVE-2021-47289, CVE-2021-47341, CVE-2021-47373, CVE-2021-47425, CVE-2021-47549, CVE-2022-48751, CVE-2022-48769, CVE-2022-48786, CVE-2022-48822, CVE-2022-48865, CVE-2022-48875, CVE-2022-48896, CVE-2022-48899, CVE-2022-48905, CVE-2022-48910, CVE-2022-48919, CVE-2022-48920, CVE-2022-48925, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-8006, CVE-2023-7256, CVE-2024-4317, CVE-2024-7348, CVE-2023-45913, CVE-2023-45919, CVE-2023-45922, CVE-2024-42934, CVE-2024-8443, CVE-2024-45615, CVE-2024-45616, CVE-2024-45617, CVE-2024-45618, CVE-2024-45619, CVE-2024-45620, CVE-2014-10401, CVE-2014-10402, CVE-2024-6923, CVE-2024-7592, CVE-2024-5642, CVE-2024-6232, CVE-2024-9287, CVE-2024-45310, CVE-2024-6345, CVE-2024-24968, CVE-2024-23984, CVE-2024-38428, CVE-2025-36565

DD OS 7.13.1

Dell PowerProtect Data Domain Management Center with SmartScale feature with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-47850, CVE-2024-47176, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2023-52425, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2021-4440, CVE-2021-47257, CVE-2021-47289, CVE-2021-47341, CVE-2021-47373, CVE-2021-47425, CVE-2021-47549, CVE-2022-48751, CVE-2022-48769, CVE-2022-48786, CVE-2022-48822, CVE-2022-48865, CVE-2022-48875, CVE-2022-48896, CVE-2022-48899, CVE-2022-48905, CVE-2022-48910, CVE-2022-48919, CVE-2022-48920, CVE-2022-48925, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-8006, CVE-2023-7256, CVE-2024-4317, CVE-2024-7348, CVE-2023-45913, CVE-2023-45919, CVE-2023-45922, CVE-2024-42934, CVE-2024-8443, CVE-2024-45615, CVE-2024-45616, CVE-2024-45617, CVE-2024-45618, CVE-2024-45619, CVE-2024-45620, CVE-2014-10401, CVE-2014-10402, CVE-2024-6923, CVE-2024-7592, CVE-2024-5642, CVE-2024-6232, CVE-2024-9287, CVE-2024-45310, CVE-2024-6345, CVE-2024-24968, CVE-2024-23984, CVE-2024-38428, CVE-2025-36565

DD OS 7.10.1

Dell PowerProtect Data Domain Management Center with SmartScale feature with  Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-36594

DD OS 8.3

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, Dell APEX Protection Storage, and Data Domain Management Center, with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.3.0.15

Version 8.3.1.0, 8.4.0.0, or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2025-36594

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage, and Data Domain Management Center, with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2025-36594

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage, and Data Domain Management Center, with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2023-52340, CVE-2024-42154, CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 8.3

Dell PowerProtect Data Domain series appliances with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.1.0.10

Version 8.3.0.10 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2023-52340, CVE-2024-42154, CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2023-52340, CVE-2024-42154, CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569,CVE-2025-36567

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 8.3

Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.1.0.10

Version 8.3.0.10 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 7.13.1

Dell PowerProtect Data Domain Virtual Edition and Dell APEX Protection Storage, with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-9143, CVE-2024-5535, CVE-2025-30096, CVE-2025-30099, CVE-2025-30098, CVE-2025-30097, CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

DD OS 7.10.1

Dell PowerProtect Data Domain Virtual Edition and Dell APEX Protection Storage, with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-4317, CVE-2024-7348, CVE-2024-6232, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2024-6345, CVE-2024-38428, CVE-2025-36565

DD OS 8.3

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.1.0.10

Version 8.3.0.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-4317, CVE-2024-7348, CVE-2024-6232, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2024-6345, CVE-2024-38428, CVE-2025-36565

DD OS 7.13.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS), LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-4317, CVE-2024-7348, CVE-2024-6232, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2024-6345, CVE-2024-38428, CVE-2025-36565

DD OS 7.10.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS), LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-47850, CVE-2024-47176, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2023-52425, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2021-4440, CVE-2021-47257, CVE-2021-47289, CVE-2021-47341, CVE-2021-47373, CVE-2021-47425, CVE-2021-47549, CVE-2022-48751, CVE-2022-48769, CVE-2022-48786, CVE-2022-48822, CVE-2022-48865, CVE-2022-48875, CVE-2022-48896, CVE-2022-48899, CVE-2022-48905, CVE-2022-48910, CVE-2022-48919, CVE-2022-48920, CVE-2022-48925, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-8006, CVE-2023-7256, CVE-2024-4317, CVE-2024-7348, CVE-2023-45913, CVE-2023-45919, CVE-2023-45922, CVE-2024-42934, CVE-2024-8443, CVE-2024-45615, CVE-2024-45616, CVE-2024-45617, CVE-2024-45618, CVE-2024-45619, CVE-2024-45620, CVE-2014-10401, CVE-2014-10402, CVE-2024-6923, CVE-2024-7592, CVE-2024-5642, CVE-2024-6232, CVE-2024-9287, CVE-2024-45310, CVE-2024-6345, CVE-2024-24968, CVE-2024-23984, CVE-2024-38428, CVE-2025-36565

DD OS 8.3

Dell PowerProtect Data Domain Management Center with SmartScale feature with Data Domain Operating System (DD OS) Feature Release 8.3.0

Versions 7.7.1.0 through 8.1.0.10

Version 8.3.0.10 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-47850, CVE-2024-47176, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2023-52425, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2021-4440, CVE-2021-47257, CVE-2021-47289, CVE-2021-47341, CVE-2021-47373, CVE-2021-47425, CVE-2021-47549, CVE-2022-48751, CVE-2022-48769, CVE-2022-48786, CVE-2022-48822, CVE-2022-48865, CVE-2022-48875, CVE-2022-48896, CVE-2022-48899, CVE-2022-48905, CVE-2022-48910, CVE-2022-48919, CVE-2022-48920, CVE-2022-48925, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-8006, CVE-2023-7256, CVE-2024-4317, CVE-2024-7348, CVE-2023-45913, CVE-2023-45919, CVE-2023-45922, CVE-2024-42934, CVE-2024-8443, CVE-2024-45615, CVE-2024-45616, CVE-2024-45617, CVE-2024-45618, CVE-2024-45619, CVE-2024-45620, CVE-2014-10401, CVE-2014-10402, CVE-2024-6923, CVE-2024-7592, CVE-2024-5642, CVE-2024-6232, CVE-2024-9287, CVE-2024-45310, CVE-2024-6345, CVE-2024-24968, CVE-2024-23984, CVE-2024-38428, CVE-2025-36565

DD OS 7.13.1

Dell PowerProtect Data Domain Management Center with SmartScale feature with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.25

Version 7.13.1.30 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2020-13936, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791, CVE-2024-47850, CVE-2024-47176, CVE-2024-8096, CVE-2024-7264, CVE-2024-9681, CVE-2023-52425, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2021-4440, CVE-2021-47257, CVE-2021-47289, CVE-2021-47341, CVE-2021-47373, CVE-2021-47425, CVE-2021-47549, CVE-2022-48751, CVE-2022-48769, CVE-2022-48786, CVE-2022-48822, CVE-2022-48865, CVE-2022-48875, CVE-2022-48896, CVE-2022-48899, CVE-2022-48905, CVE-2022-48910, CVE-2022-48919, CVE-2022-48920, CVE-2022-48925, CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-9143, CVE-2024-8006, CVE-2023-7256, CVE-2024-4317, CVE-2024-7348, CVE-2023-45913, CVE-2023-45919, CVE-2023-45922, CVE-2024-42934, CVE-2024-8443, CVE-2024-45615, CVE-2024-45616, CVE-2024-45617, CVE-2024-45618, CVE-2024-45619, CVE-2024-45620, CVE-2014-10401, CVE-2014-10402, CVE-2024-6923, CVE-2024-7592, CVE-2024-5642, CVE-2024-6232, CVE-2024-9287, CVE-2024-45310, CVE-2024-6345, CVE-2024-24968, CVE-2024-23984, CVE-2024-38428, CVE-2025-36565

DD OS 7.10.1

Dell PowerProtect Data Domain Management Center with SmartScale feature with  Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.50

Version 7.10.1.60 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)
Note:

Revision History

Revision

Date

Description

1.0

2025-07-31

Initial Release

2.0

2025-10-06

Updated CVE Identifier, Proprietary Code, Affected Products and Remediation section to include additional CVEs: CVE-2025-43727, CVE-2025-36565, CVE-2025-36566, CVE-2025-36569, CVE-2025-36567

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

Data Domain, Data Domain Boost – File System, Data Domain Deduplication Storage Systems, Data Domain Encryption, Data Domain Extended Retention, Data Domain NDMP Tape Server, Data Domain Replicator, Data Domain Retention Lock, DD OS, DD OS 7.10 , DD OS 7.11, DD OS 7.12, DD OS 7.13, DD OS 8.1, DD OS 8.3, DD OS 8.4, DD OS 8.0, DD OS Licensed Features, Data Domain Virtual Edition, PowerProtect Data Domain Management Center ...
Article Properties
Article Number: 000348708
Article Type: Dell Security Advisory
Last Modified: 07 Oct 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.