Dell has released a Critical Security Update (DSA-2025-022) for its PowerProtect Data Domain (DD) systems to address multiple vulnerabilities that could allow attackers to compromise affected systems.
These vulnerabilities, identified in various components and open-source dependencies, highlight the importance of timely patching to safeguard enterprise data protection environments.
The vulnerabilities include seven classified as “Critical” severity—CVE-2024-33871, CVE-2024-41110, CVE-2024-38428, CVE-2024-24790, CVE-2024-37371, CVE-2024-24577, and CVE-2018-6913—which may allow escalation of privileges, unauthorized system access, denial of service, or sensitive data exfiltration.
Breakdown of Critical CVEs
Affected Products
The vulnerabilities impact multiple Dell PowerProtect DD systems. Organizations using these systems are urged to review Dell’s official advisory (DSA-2025-022) to identify specific affected models and implement the recommended patches.
Dell has released security patches to address these vulnerabilities. Administrators are advised to:
The discovery of critical vulnerabilities in enterprise backup and recovery products like Dell PowerProtect DD underscores the need for constant vigilance and timely patch management.
Organizations relying on these systems must act swiftly to mitigate risks and ensure data security.
Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Start Now for Free.
Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged…
The Agenda ransomware group, also known as Qilin, has been reported to intensify its attacks…
SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6 million…
F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect servers…
The healthcare sector has emerged as a prime target for cyber attackers, driven by the…
Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution, enabling…