Overview

CVE: CVE-2025-36594
Severity: Critical
Score: CVSS 9.8
Date: 5 August 2025

Dell has released a critical security advisory (DSA-2025-159) for its PowerProtect Data Domain platform. The primary threat is a remote, unauthenticated authentication bypass vulnerability (CVE-2025-36594) that allows for system compromise. The advisory also includes several local privilege escalation flaws. Due to the high risk of a remote attack, immediate patching is essential.

 

Affected Versions

  • Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) Feature Release: versions 7.7.1.0 through 8.3.0.15
  • DD OS LTS 2024 Release: versions 7.13.1.0 through 7.13.1.25
  • DD OS LTS 2023 Release: versions 7.10.1.0 through 7.10.1.60

 

Vulnerability Breakdown

CVE-2025-36594

  • Description: An authentication bypass by spoofing vulnerability.
  • Score: CVSS 9.8 (Critical)
  • Impact: Allows a remote, unauthenticated attacker to bypass security, create accounts, expose customer data, and impact system integrity and availability.
  • Risk: Critical for all deployments, as exploitation requires no prior access or authentication.

 

Mitigation

  • Apply the remediated software versions as outlined in Dell Security Advisory DSA-2025-159.
  • Prioritise patching for internet-facing or untrusted-network-accessible systems to address the remote execution risk from CVE-2025-36594.
  • Ensure access to the DDSH CLI is restricted to trusted administrative personnel only.
  •  

Summary for IT Teams

  • Products: Dell PowerProtect Data Domain Appliances, Data Domain Virtual Edition, Dell APEX Protection Storage, and Data Domain Management Center.
  • Threat Level: Critical
  • Action:
    • Immediately apply the patches specified in Dell advisory DSA-2025-159 to all affected systems.
    • Review system logs for any signs of unauthorised account creation or system modification.
    • Confirm that management interfaces are not exposed to untrusted networks.

Reference

 

Need Help?

If your organisation requires assistance identifying affected systems, applying updates or adjusting controller configurations, our team is here to help. Email us via soc@secure-iss.com for assistance.