CVE-2025-46643
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-09
Last updated on: 2026-02-05
Assigner: Dell
Description
Description
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain a Heap-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | powerprotect_data_domain | From 7.7.1.0 (inc) to 8.4.0.0 (inc) |
| dell | powerprotect_data_domain | From 8.3.1.10 (inc) |
| dell | powerprotect_data_domain | From 7.13.1.0 (inc) to 7.13.1.40 (inc) |
| dell | powerprotect_data_domain | From 7.10.1.0 (inc) to 7.10.1.70 (inc) |
| dell | data_domain_operating_system | From 7.13.1.0 (inc) to 7.13.1.50 (inc) |
| dell | data_domain_operating_system | 8.4.0.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a heap-based buffer overflow found in Dell PowerProtect Data Domain operating system versions from 7.7.1.0 through 8.4.0.0 and certain LTS releases. It can be exploited by a high privileged attacker with local access to the system, potentially causing a denial of service.
How can this vulnerability impact me? :
If exploited, this vulnerability can lead to a denial of service condition, which means the affected system could become unavailable or stop functioning properly, impacting availability of services.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70