Critical Vulnerability in Dell RecoverPoint for Virtual Machines

Background

Dell has released security updates to address a critical vulnerability (CVE-2026-22769) affecting RecoverPoint for Virtual Machines. The vulnerability has a Common Vulnerability Scoring System (CVSS v3.1) score of 10 out of 10.

Impact

Successful exploitation of this hardcoded credential vulnerability could allow an unauthenticated remote attacker with knowledge of the credentials to gain unauthorised access to the underlying operating system. This can lead to complete system compromise, enabling the attacker to establish root-level persistence and move laterally within the virtual environment.

Known Exploitation

This vulnerability is being actively exploited in the wild.

Affected Products

The vulnerability affects the following versions of Dell RecoverPoint for Virtual Machines:

• Versions prior to 6.0.3.1 HF1

Recommendations

Users and administrators of affected product versions are advised to update to the latest versions immediately.

For version 5.3 SP4 P1:

Follow these steps in order:

1. ​Migrate from RecoverPoint for Virtual Machines 5.3 SP4 P1 to 6.0 SP3. (https://www.dell.com/support/manuals/en-sg/recoverpoint-for-virtual-machines/rp4vms_installation_deployment_guide_6_0_3_1/upgrade-from-recoverpoint-for-vms-5.3.sp4-p1-to-6.0.sp3-and-later?guid=guid-911c0257-aa9d-404b-939b-4d9b3428fa42)

2. ​Upgrade to 6.0.3.1 HF1.

​OR

​Follow the instructions in the Knowledge Base article (https://www.dell.com/support/kbdoc/en-sg/000426742/recoverpoint-for-vms-apply-the-remediation-script-for-dsa) to run the remediation script:

The above remediation script is also for versions 6.0, 6.0 SP1, 6.0 SP1 P1, 6.0 SP1 P2, 6.0 SP2, 6.0 SP2 P1, 6.0 SP3, and 6.0 SP3 P1

References

https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day

https://www.dell.com/support/kbdoc/en-sg/000426773/dsa-2026-079

https://nvd.nist.gov/vuln/detail/CVE-2026-22769