Dell Technologies has released a security update addressing a critical vulnerability (CVE-2025-29987) in its PowerProtect Data Domain Operating System (DD OS).
The vulnerability allows authenticated attackers to execute arbitrary commands with root privileges, posing a high security risk. Users are strongly urged to update their systems to the latest remediated versions to protect against potential exploitation.
An insufficient granularity of access control vulnerability in the Dell PowerProtect Data Domain Operating System (DD OS) enables an authenticated user from a trusted remote client to execute arbitrary commands with root privileges.
CVSS Base Score: 8.8 (High). Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Dell has categorized the impact of this vulnerability as High. If exploited, attackers could gain complete control over the affected system, endangering the confidentiality, integrity, and availability of sensitive data stored on affected devices.
Affected Products
The following table provides a detailed overview of the affected products, their vulnerable versions, and the remediated versions available to mitigate this vulnerability:
| CVE | Product | Affected Versions | Remediated Versions |
|---|---|---|---|
| CVE-2025-29987 | DD OS 8.3 | v7.7.1.0 – v8.3.0.10 | v8.3.0.15 or later |
| CVE-2025-29987 | DD OS 7.13.1 | v7.13.1.0 – v7.13.1.20 | v7.13.1.25 or later |
| CVE-2025-29987 | DD OS 7.10.1 | v7.10.1.0 – v7.10.1.50 | v7.10.1.60 or later |
| CVE-2025-29987 | PowerProtect DP Series Appliance (IDPA) | v2.7.6, v2.7.7, v2.7.8 | DD OS v7.10.1.60 |
| CVE-2025-29987 | Disk Library for Mainframe DLm8500/DLm8700 | v5.4.0.0 – DLm 7.0.0.0 | v7.10.1.60 or later |
Remediation Steps
- Identify whether your system runs on one of the affected versions.
- Download your respective product’s remediated software or firmware from Dell Drivers & Downloads.
- Follow the instructions in the relevant Knowledge Base (KB) articles to upgrade the DD OS to a secure version.
- Test the system post-upgrade to ensure functionality and address any potential false positives generated by security scanners.
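For the first step, the version ranges in the table can be checked across an inventory with a short script. The following is an added example, not Dell's tooling: the function names, hostnames and sample versions are constructed, it covers only the three DD OS rows (IDPA and DLm use their own product version numbers), and it assumes a 7.10.1 or 7.13.1 row takes precedence over the broad 7.7.1.0 – 8.3.0.10 row, which numerically contains the remediated 7.10.1.60 and 7.13.1.25 builds and would otherwise flag them.

```python
import re

# Rows from the table above: (first affected, last affected, first remediated).
# Assumption of this example: a row for a specific 7.10.1 / 7.13.1 train takes
# precedence over the broad 7.7.1.0 - 8.3.0.10 row, which numerically contains
# the remediated 7.10.1.60 and 7.13.1.25 builds.
TRAINS = {
    (7, 10, 1): ((7, 10, 1, 0), (7, 10, 1, 50), (7, 10, 1, 60)),
    (7, 13, 1): ((7, 13, 1, 0), (7, 13, 1, 20), (7, 13, 1, 25)),
}
BROAD = ((7, 7, 1, 0), (8, 3, 0, 10), (8, 3, 0, 15))


def parse_version(text):
    """Parse 'v7.13.1.25' (leading 'v' and trailing text tolerated) into ints."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"not a four-part DD OS version: {text!r}")
    return tuple(int(part) for part in m.groups())


def naive_in_broad_range(text):
    """Broad-range-only check; flags remediated 7.10.1/7.13.1 builds too."""
    return BROAD[0] <= parse_version(text) <= BROAD[1]


def classify(text):
    """Return (status, upgrade_target) for one DD OS version string."""
    v = parse_version(text)
    first, last, fixed = TRAINS.get(v[:3], BROAD)
    if v >= fixed:
        return ("remediated", None)
    if first <= v <= last:
        return ("affected", ".".join(map(str, fixed)))
    return ("not listed", None)  # outside every range in the table


# Constructed inventory (hostnames and versions are sample data).
INVENTORY = {"dd-a": "8.3.0.10", "dd-b": "7.13.1.25", "dd-c": "v7.10.1.50",
             "dd-d": "7.10.1.55", "dd-e": "8.3.0.15"}


def triage(inventory):
    """Classify every host in a {hostname: version} mapping."""
    return {host: classify(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    for host, (status, target) in triage(INVENTORY).items():
        print(f"{host}: {status}" + (f", upgrade to {target} or later" if target else ""))
```

A "not listed" result means the version falls outside every range in the table, so it should be confirmed against the Dell advisory rather than treated as safe.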
Dell Technologies urges every affected customer to act immediately and upgrade their system to the remediated versions.
Regularly monitor Dell security advisories and maintain proper change control for updates in production environments.