PatchSiren cyber security CVE debrief
CVE-2026-53480 Dell CVE debrief
CVE-2026-53480 is a path traversal vulnerability in Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized file modification. The vulnerability has a CVSS score of 2.7 and a CVSS severity of LOW. System administrators and security teams should be aware of this vulnerability and take necessary actions to mitigate the risk.
- Vendor
- Dell
- Product
- PowerProtect Data Domain
- CVSS
- LOW 2.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-08
- Original CVE updated
- 2026-07-08
- Advisory published
- 2026-07-08
- Advisory updated
- 2026-07-08
Who should care
System administrators and security teams responsible for Dell PowerProtect Data Domain systems, particularly those with versions 7.7.1.0 through 8.7, should be aware of this vulnerability and take necessary actions to mitigate the risk. They should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
Technical summary
The CVE-2026-53480 vulnerability is an improper limitation of a pathname to a restricted directory ('path traversal') in Dell PowerProtect Data Domain. This vulnerability affects versions 7.7.1.0 through 8.7 of Dell PowerProtect Data Domain. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized file modification. The CVSS score is 2.7 and the CVSS severity is LOW.
Defensive priority
Medium
Recommended defensive actions
- Apply the vendor-provided security update
- Restrict remote access to high-privileged accounts
- Monitor system logs for suspicious activity
- Implement additional security controls to prevent unauthorized file modifications
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The CVE record was published on 2026-07-08T14:17:03.880Z and has not been modified since then. The NVD entry is currently Analyzed. The vulnerability affects Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized file modification. The CVSS score is 2.7 and the CVSS severity is LOW.
Official resources
-
CVE-2026-53480 CVE record
CVE.org
-
CVE-2026-53480 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-08T14:17:03.880Z and has not been modified since then.