CVE-2025-46643
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-09
Last updated on: 2026-02-05
Assigner: Dell
Description
Description
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain a Heap-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | powerprotect_data_domain | From 7.7.1.0 (inc) to 8.4.0.0 (inc) |
| dell | powerprotect_data_domain | From 8.3.1.10 (inc) |
| dell | powerprotect_data_domain | From 7.13.1.0 (inc) to 7.13.1.40 (inc) |
| dell | powerprotect_data_domain | From 7.10.1.0 (inc) to 7.10.1.70 (inc) |
| dell | data_domain_operating_system | From 7.13.1.0 (inc) to 7.13.1.50 (inc) |
| dell | data_domain_operating_system | 8.4.0.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
