CVE-2025-43906

🗓️ 07 Oct 2025 18:02:09Reported by dellType

Dell PowerProtect Data Domain DD OS suffers OS command injection enabling arbitrary command execution and potential root access.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-43906	8 Oct 202504:07	–	circl
CNNVD	Dell PowerProtect Data Domain 操作系统命令注入漏洞	7 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-43906	7 Oct 202518:02	–	cvelist
EUVD	EUVD-2025-32726	7 Oct 202518:02	–	euvd
NVD	CVE-2025-43906	7 Oct 202518:15	–	nvd
OSV	CVE-2025-43906	7 Oct 202518:15	–	osv
Positive Technologies	PT-2025-41148	7 Oct 202500:00	–	ptsecurity
Vulnrichment	CVE-2025-43906	7 Oct 202518:02	–	vulnrichment

NVD

Vulners

Node

dell data_domain_operating_systemRange7.7.1.0–7.10.1.70

dell data_domain_operating_systemRange7.13.1.0–7.13.1.40

dell data_domain_operating_systemRange8.3.0.0–8.3.0.15

dell data_domain_operating_systemRange8.3.1.0–8.3.1.10

[
  {
    "defaultStatus": "unaffected",
    "product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "8.4.0.0",
        "status": "affected",
        "version": "7.7.1.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2025",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "8.3.1.10",
        "status": "affected",
        "version": "8.3.1.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "7.13.1.40",
        "status": "affected",
        "version": "7.13.1.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "7.10.1.70",
        "status": "affected",
        "version": "7.10.1.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
dell	www.dell.com/support/kbdoc/en-us/000376224/dsa-2025-333-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities

14 Oct 2025 20:12Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.7

EPSS0.0002

SSVC

CWE-78