{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35154", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2026-04-01T17:04:27.475Z", "datePublished": "2026-04-20T16:50:56.856Z", "dateUpdated": "2026-04-22T03:56:08.697Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-04-20T16:50:56.856Z"}, "datePublic": "2026-04-15T18:30:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "type": "CWE"}]}], "affected": [{"vendor": "Dell", "product": "PowerProtect Data Domain appliances", "versions": [{"status": "affected", "version": "0", "lessThan": "8.7.0.1 or later", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "8.3.1.30 or later", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "7.13.1.70 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability in IDRAC. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation in IDRAC.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability in IDRAC. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation in IDRAC."}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-21T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-35154"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T03:56:08.697Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-35154", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-20T18:08:34.652177Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-20T18:08:38.657Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dell", "product": "PowerProtect Data Domain appliances", "versions": [{"status": "affected", "version": "0", "lessThan": "8.7.0.1 or later", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "8.3.1.30 or later", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "7.13.1.70 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2026-04-15T18:30:00.000Z", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability in IDRAC. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation in IDRAC.", "supportingMedia": [{"type": "text/html", "value": "Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability in IDRAC. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation in IDRAC.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-04-20T16:50:56.856Z"}}}, "cveMetadata": {"cveId": "CVE-2026-35154", "state": "PUBLISHED", "dateUpdated": "2026-04-22T03:56:08.697Z", "dateReserved": "2026-04-01T17:04:27.475Z", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "datePublished": "2026-04-20T16:50:56.856Z", "assignerShortName": "dell"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability in IDRAC. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation in IDRAC."}], "id": "CVE-2026-35154", "lastModified": "2026-04-20T19:05:30.750", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.3, "impactScore": 5.9, "source": "security_alert@emc.com", "type": "Secondary"}]}, "published": "2026-04-20T17:16:34.263", "references": [{"source": "security_alert@emc.com", "url": "https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security_alert@emc.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,8.7.0.1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,8.3.1.30)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,7.13.1.70)"}}], "enrichment": {"confidence": 84.0, "confidence_source": "matching", "scores": [{"score": 84.0, "source": "matching"}]}, "original": {"product": "PowerProtect Data Domain appliances", "source": "cna", "vendor": "Dell"}, "product": "powerprotect_data_domain", "vendor": "dell"}], "analysis": {"en": {"generated_at": "2026-04-20T18:35:59.727281+00:00", "value": {"mitigation_remediation": ["Install the Dell PowerProtect Data Domain firmware update released in Dell Security Advisory 2026\u2011060, which addresses the IDRAC privilege escalation flaw.", "Upgrade the IDRAC firmware component to the latest version published by Dell.", "Reboot the appliance to ensure the firmware changes take effect.", "Restrict local IDRAC access and enforce least\u2011privilege policies for local user accounts to reduce the attack surface."], "summary": {"action": "Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Dell PowerProtect Data Domain appliances running firmware versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, and LTS2024 release versions 7.13.1.0 through 7.13.1.60.", "description_and_impact": "An improper privilege management flaw exists in the Integrated Dell Remote Access Controller (IDRAC) of Dell PowerProtect Data Domain appliances. The flaw allows a local attacker who already possesses high privileges to elevate their privileges and execute delete operations that should be restricted. The vulnerability is categorized as a CWE\u2011269 (Access Control). The impact is the potential for a local attacker to gain elevated privileges and perform unauthorized deletions, compromising data integrity and availability.", "risk_and_exploitability": "The CVSS score of 6.3 indicates moderate severity, while the absence of an EPSS score leaves the exact exploitation probability unknown. The vulnerability is not currently listed in the CISA KEV catalog, suggesting no widespread exploitation yet. A local attacker who has high\u2011privileged access on the appliance could exploit the flaw through the IDRAC interface, elevating privileges to perform unauthorized delete operations. Because the attack requires local high\u2011privilege access, it is less likely to be leveraged remotely, but within a compromised environment the risk remains significant."}}}}, "created": "2026-04-20T18:45:14.224495+00:00", "title": "IDRAC Privilege Escalation via Improper Access Control", "updated": "2026-04-22T11:47:32.060478+00:00", "vendors": ["dell", "dell$PRODUCT$powerprotect_data_domain"]}