Dell PowerProtect Data Domain OS Command Injection Vulnerability (CNVD-2025-22717)

Dell PowerProtect Data Domain Dell PowerProtect DD is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell, USA. A security vulnerability exists in Dell PowerProtect Data Domain, which can be exploited by an attacker to cause arbitrary commands to be...

PT-2024-5168 · Dell · Dell Edge Gateway Bios

Name of the Vulnerable Software and Affected Versions: Dell Edge Gateway BIOS versions 3200 and 5200 Description: The issue is related to an out-of-bounds write vulnerability in the Dell Edge Gateway BIOS. A local authenticated malicious user with high privileges could potentially exploit this...

Input validation

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable...

PT-2023-6776 · Dell · Dell Alienware Command Center

Name of the Vulnerable Software and Affected Versions: Dell Alienware Command Center versions 5.5.37.0 and prior Description: The issue is related to improper input validation. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileg...

Vulnerability found in Dell firmware update driver

A vulnerability has been fixed in the Dell dbutil23.sys driver for Windows systems. This driver has been installed by default on all Dell laptop and desktop systems since 2009. A local malicious person could, by exploiting this vulnerability to gain SYSTEM privileges on the vulnerable system. For...

This Week in Security News: Malvertising and Internet of Things Malware

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a new Internet of Things malware that’s bricked thousands of devices. Also, read about a ransomware family that’s using...