theinfosecnews
theinfosecnews
Subscribe to Daily Digest

CVE-2026-22769

CISA KEV

Published February 18, 2026 · Updated April 3, 2026

high

What This Means

# CVE-2026-22769: Dell RecoverPoint for Virtual Machines Hard-Coded Credentials Dell RecoverPoint for Virtual Machines (RP4VMs) contains hard-coded credentials in the product code that allow unauthenticated remote attackers to gain unauthorized OS-level access and establish root persistence without requiring valid user credentials. An attacker can exploit this vulnerability to compromise the underlying hypervisor environment, bypass all authentication controls, and maintain persistent access to virtual machines protected by the RecoverPoint appliance—directly affecting backup integrity and business continuity infrastructure. **Actions:** - Identify all RP4VMs deployments in your environment immediately and isolate them from untrusted networks. - Check Dell's security advisory for affected version numbers and apply patches when released. - Review access logs for unauthorized connections to RP4VMs management interfaces and underlying OS accounts. - Implement network segmentation to restrict RP4VMs access to authorized recovery and administrative personnel only. - Monitor for suspicious process execution or persistence mechanisms (cron jobs, systemd units, kernel modules) on affected appliances.

Official Description+

Dell RecoverPoint for Virtual Machines (RP4VMs) contains an use of hard-coded credentials vulnerability that could allow an unauthenticated remote attacker to gain unauthorized access to the underlying operating system and root-level persistence.

Affected Products

VendorProduct
DellRecoverPoint for Virtual Machines (RP4VMs)

Patch Status

Patch by 2026-02-21

Recommended Actions

  1. Check if your systems use any of the affected products listed above.
  2. Apply vendor patches immediately if available.
  3. This vulnerability is in CISA's Known Exploited Vulnerabilities catalog — prioritize remediation.
  4. Monitor vendor advisories for updates and additional mitigations.
  5. Review logs for indicators of compromise related to CVE-2026-22769.

Related Coverage

Vvulnerability

CVE-2026-22769: Dell RecoverPoint for Virtual Machines Exposes Root Access via Hard-Coded Credentials

CVE-2026-22769 affects Dell RecoverPoint for Virtual Machines (RP4VMs) and allows unauthenticated remote attackers to gain root-level OS access using hard-coded credentials embedded in the product. Exploitation requires no user interaction and no valid credentials, giving attackers full control over backup and recovery infrastructure. CISA requires federal agencies to patch by February 21, 2026; all organizations should isolate affected appliances, apply Dell's patch immediately, and audit for existing persistence.

CISA KEV·44d ago·3 min read