Dell has released a Critical Security Update (DSA-2025-022) for its PowerProtect Data Domain (DD) systems to address multiple vulnerabilities that could allow attackers to compromise affected systems.
These vulnerabilities, identified in various components and open-source dependencies, highlight the importance of timely patching to safeguard enterprise data protection environments.
The vulnerabilities include seven classified as “Critical” severity—CVE-2024-33871, CVE-2024-41110, CVE-2024-38428, CVE-2024-24790, CVE-2024-37371, CVE-2024-24577, and CVE-2018-6913—which may allow escalation of privileges, unauthorized system access, denial of service, or sensitive data exfiltration.
Breakdown of Critical CVEs
Affected Products
The vulnerabilities impact multiple Dell PowerProtect DD systems. Organizations using these systems are urged to review Dell’s official advisory (DSA-2025-022) to identify specific affected models and implement the recommended patches.
Dell has released security patches to address these vulnerabilities. Administrators are advised to:
The discovery of critical vulnerabilities in enterprise backup and recovery products like Dell PowerProtect DD underscores the need for constant vigilance and timely patch management.
Organizations relying on these systems must act swiftly to mitigate risks and ensure data security.
Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Start Now for Free.
A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…
A threat actor known as #LongNight has reportedly put up for sale remote code execution…
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…
Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…
The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…
Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…