CVE-2026-46463 data domain operating system vulnerability
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
Quick answer
dell data domain operating system should be reviewed and updated if it matches the affected versions. The recommended fix is to apply the vendor-supported patched version or the mitigation steps below, then retest the public website with Fixnx.
Who is affected
Affected versions
- 7.7.1.0 through 8.7.0.0
- 8.6.1.0 through 8.6.1.10 LTS2026
- 8.3.1.0 through 8.3.1.30 LTS2025
- 7.13.1.0 through 7.13.1.70 LTS2024
Fixed versions
- 8.8.0.0 or later
- 8.6.1.20 or later
- 8.3.1.40 or later
- 7.13.1.80 or later
How to fix it
CVE-2026-46463 affects Dell PowerProtect Data Domain. A privileged or remote attacker may cause a crash or outage. Upgrade DD OS to the fixed Dell release for your branch: 8.8.0.0 or later, 8.6.1.20 or later, 8.3.1.40 or later, 7.13.1.80 or later.
- List every Dell PowerProtect Data Domain appliance and DD OS version.
- Compare each appliance with the affected version ranges in the Dell advisory.
- Plan the branch update to 8.8.0.0 or later, 8.6.1.20 or later, 8.3.1.40 or later, 7.13.1.80 or later.
- Back up configuration and confirm maintenance window requirements.
- Restrict management access to trusted admin networks until patched.
- Apply the Dell-supported DD OS update for the appliance branch.
- Review admin, SSH, API, and system logs for suspicious activity.
- Rotate admin credentials if compromise is suspected.
Scan now. Google sign-in is only needed to unlock fix guidance.
Verify the fix
- Confirm the appliance reports one of the fixed versions: 8.8.0.0 or later, 8.6.1.20 or later, 8.3.1.40 or later, 7.13.1.80 or later.
- Confirm management interfaces are not exposed to untrusted networks.
- Confirm backup and restore jobs still run after the update.
- Review logs again after patching for repeated exploit attempts.
- Save the Dell advisory, version output, and change ticket as evidence.
Related categories
Trusted references
FAQ
What is affected by CVE-2026-46463?
dell data domain operating system versions listed as affected should be reviewed: 7.7.1.0 through 8.7.0.0, 8.6.1.0 through 8.6.1.10 LTS2026, 8.3.1.0 through 8.3.1.30 LTS2025, 7.13.1.0 through 7.13.1.70 LTS2024.
What should I fix first?
Start with internet-facing sites, admin panels, login flows, plugins, themes, modules, packages, and systems that process user-controlled input or sensitive data.
How do I confirm the fix worked?
Apply the patched version or mitigation, clear caches where relevant, retest the affected workflow, and run a new Fixnx scan to verify public website exposure signals.
How are Fixnx security risk categories chosen?
Fixnx keeps one canonical risk page and assigns only broad, relevant categories such as ecosystem, technology area, or vulnerability class.
