CVE-2026-22769

high-risk
Published 2026-02-17

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

Do I need to act?

!
20.0% chance of exploitation in next 30 days
EPSS score — higher than 80% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
10
CVSS 10.0/10 Critical
NETWORK / LOW complexity

Affected Products (9)

Recoverpoint For Virtual Machines
Recoverpoint For Virtual Machines
Recoverpoint For Virtual Machines
Recoverpoint For Virtual Machines
Recoverpoint For Virtual Machines
Recoverpoint For Virtual Machines
Recoverpoint For Virtual Machines
Recoverpoint For Virtual Machines
Recoverpoint For Virtual Machines

Affected Vendors

Dell

References (3)

Patch https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079
Third Party Advisory https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell...
US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-...
69
/ 100
high-risk
Severity 33/34 · Critical
Exploitability 21/34 · High
Exposure 15/34 · Moderate