CVE-2026-46463
Received Received - Intake

Integer Overflow in Dell PowerProtect Data Domain

Vulnerability report for CVE-2026-46463, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-03

Last updated on: 2026-07-03

Assigner: Dell

Description

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-03
Last Modified
2026-07-03
Generated
2026-07-03
AI Q&A
2026-07-03
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
dell powerprotect_data_domain From 7.7.1.0 (inc) to 8.7 (inc)
dell powerprotect_data_domain From 8.6.1.0 (inc) to 8.6.1.10 (inc)
dell powerprotect_data_domain From 8.3.1.0 (inc) to 8.3.1.30 (inc)
dell powerprotect_data_domain From 7.13.1.0 (inc) to 7.13.1.70 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an integer overflow or wraparound issue found in Dell PowerProtect Data Domain software versions 7.7.1.0 through 8.7, including specific LTS releases. An integer overflow occurs when a calculation exceeds the maximum size that can be stored in an integer variable, causing it to wrap around to a smaller value. This flaw can be exploited remotely by an unauthenticated attacker.

Exploitation of this vulnerability could lead to a denial of service condition, meaning the affected system could become unavailable or stop functioning properly.

Impact Analysis

If exploited, this vulnerability can cause a denial of service (DoS) on the affected Dell PowerProtect Data Domain system. This means that the system could become unresponsive or crash, potentially disrupting backup and data protection services.

Since the attacker does not require authentication and can exploit the vulnerability remotely, the risk of disruption is higher, especially if the system is exposed to untrusted networks.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46463. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart