Jump to the main content block
  1. Home
  2. Information Security
  3. Vulnerability Alert

【Vulnerability Alert】Dell RecoverPoint for Virtual Machines Contains a High-Risk Security Vulnerability (CVE-2026-22769); Please Verify and Apply the Necessary Patches as Soon as Possible

publish date : 2026-02-26 update date : 2026-02-26

Source: Ministry of education information & communication security contingency platform

"" "" ""

Publication Number TACERT-ANA-2026022502021111 Publication Time 2026/02/25 14:23
Incident Type ANA-Vulnerability Alert Discovery Time 2026/02/25 14:23
Impact Level Medium  
[Subject]
【Vulnerability Alert】Dell RecoverPoint for Virtual Machines Contains a High-Risk Security Vulnerability (CVE-2026-22769); Please Verify and Apply Patches as Soon as Possible
[Content]
Forwarded from the National Institute of Cyber Security NISAC-200-202602-00000093

Security researchers have identified a Use of Hard-coded Credentials vulnerability in Dell RecoverPoint for Virtual Machines (CVE-2026-22769). An unauthenticated remote attacker can use the hard-coded credentials to obtain root privileges on the underlying operating system. This vulnerability has been exploited by attackers. Please verify your systems and apply the necessary patches as soon as possible.

(Information Sharing Level: WHITE (Information content can be publicly disclosed)
[Affected Platform]
RecoverPoint for Virtual Machines versions 5.3 SP4 P1 and earlier (including 5.3 SP4 P1), 6.0, 6.0 SP1, 6.0 SP1 P1, 6.0 SP1 P2, 6.0 SP2, 6.0 SP2 P1, 6.0 SP3, and 6.0 SP3 P1.

[Recommended Actions]
The vendor has released a security update to address this vulnerability. Please refer to the official advisory and perform the update accordingly. The URL is as follows:

https://www.dell.com/support/kbdoc/zh-tw/000426773/dsa-2026-079

[Reference]
1. https://nvd.nist.gov/vuln/detail/CVE-2026-22769

2. https://www.dell.com/support/kbdoc/zh-tw/000426773/dsa-2026-079
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center
Click Num:
Print