CVE-2026-22769
Essential information
- Published
- 17/02/2026 21:22
- Modified
- 22/02/2026 00:06
- Author
- The MITRE Corporation
- Creator
- The MITRE Corporation
- CVSS
- 10.0 CRITICAL (v3.1)
- CISA KEV
- Yes
- CWE
- —
- CVSS vector
-
—
CVSS:3.1/AV:N/C:H/I:H/A:H—
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- NETWORK
- Attack complexity
- LOW
- Privileges required
- NONE
- User interaction
- NONE
- Scope
- CHANGED
- Confidentiality impact
- HIGH
- Integrity impact
- HIGH
- Availability impact
- HIGH
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Attack requirements
- —
- Privileges required
- —
- User interaction
- —
- Confidentiality (V)
- —
- Confidentiality (S)
- —
- Integrity (V)
- —
- Integrity (S)
- —
- Availability (V)
- —
- Availability (S)
- —
- Exploit maturity
- —
Description
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.
NVD status
- Status
- Analyzed — CVE has had analysis completed and all data associations made.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| dell / recoverpoint for virtual machines | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:*:*:*:*:*:*:*:* |
| dell / recoverpoint for virtual machines | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:-:*:*:*:*:*:* |
| dell / recoverpoint for virtual machines | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp1:*:*:*:*:*:* |
| dell / recoverpoint for virtual machines | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp1_p1:*:*:*:*:*:* |
| dell / recoverpoint for virtual machines | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp1_p2:*:*:*:*:*:* |
| dell / recoverpoint for virtual machines | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp2:*:*:*:*:*:* |
| dell / recoverpoint for virtual machines | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp2_p1:*:*:*:*:*:* |
| dell / recoverpoint for virtual machines | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp3:*:*:*:*:*:* |
| dell / recoverpoint for virtual machines | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp3_p1:*:*:*:*:*:* |