Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-22769
PUBLISHED
More InfoOfficial Page
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
View Known Exploited Vulnerability (KEV) details
Published At-17 Feb, 2026 | 19:19
Updated At-19 Feb, 2026 | 14:57
Rejected At-
▼CVE Numbering Authority (CNA)

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

Affected Products
Vendor
Dell Inc.Dell
Product
RecoverPoint for Virtual Machines
Default Status
unaffected
Versions
Affected
  • From 5.3 SP4 P1 before 6.0.3.1 HF1 (semver)
Vendor
Dell Inc.Dell
Product
RecoverPoint for Virtual Machines
Default Status
unaffected
Versions
Affected
  • From 6.0, 6.0 SP1, 6.0 SP1 P1, 6.0 SP1 P2, 6.0 SP2, 6.0 SP2 P1, 6.0 SP3, and 6.0 SP3 P1 before 6.0.3.1 HF1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-798CWE-798: Use of Hard-coded Credentials
Type: CWE
CWE ID: CWE-798
Description: CWE-798: Use of Hard-coded Credentials
Metrics
VersionBase scoreBase severityVector
3.110.0CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Dell would like to thank Peter Ukhanov from Google/Mandiant for reporting this issue.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079
vendor-advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
kev
dateAdded:
2026-02-18
reference:
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-22769
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-22769
government-resource
https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day
third-party-advisory
Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-22769
Resource:
government-resource
Hyperlink: https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day
Resource:
third-party-advisory
Details not found