CVE-2026-22769 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	10 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
dell	CNA	10 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 96%

Affected Products (NVD)

Vendor	Product	Version
dell	recoverpoint_for_virtual_machines	𝑥 < 6.0
dell	recoverpoint_for_virtual_machines	6.0
dell	recoverpoint_for_virtual_machines	6.0:sp1
dell	recoverpoint_for_virtual_machines	6.0:sp1_p1
dell	recoverpoint_for_virtual_machines	6.0:sp1_p2
dell	recoverpoint_for_virtual_machines	6.0:sp2
dell	recoverpoint_for_virtual_machines	6.0:sp2_p1
dell	recoverpoint_for_virtual_machines	6.0:sp3
dell	recoverpoint_for_virtual_machines	6.0:sp3_p1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-798 - Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

Vulnerability Media Exposure

[GERMAN] Jetzt patchen! Angreifer attackieren Dell RecoverPoint for Virtual Machines
Es sind wichtige Sicherheitsupdates für unter anderem Dell RecoverPoint for Virtual Machines und Avamar Server erschienen. Es gibt bereits Attacken.
Published: 2026-02-18T09:59:00+00:00
[ENGLISH] China-linked snoops have been exploiting Dell 0-day since mid-2024, using 'ghost NICs' to avoid detection
Full scale of infections remains 'unknown' China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It's all part of a long-running effort to backdoor infected machines for long-term access, according to Google's Mandiant incident response team.…
Published: 2026-02-18T00:05:58+00:00
[ENGLISH] Chinese APT Group Exploits Dell Zero-Day for Two Years
Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines
Published: 2026-02-18T10:10:00+00:00
[GERMAN] Attacken auf VMs: Hacker nutzen fest kodierte Zugangsdaten in Dell-Tool aus
Dell hat in einem Back-up-Tool für virtuelle Maschinen Admin-Zugangsdaten zurückgelassen. Angreifer missbrauchen diese schon seit Mitte 2024. ( Sicherheitslücke , Dell )
Published: 2026-02-18T08:59:02+01:00
[GERMAN] Dell RecoverPoint for Virtual Machines: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen und potenziell Privilegieneskalation
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Dell RecoverPoint for Virtual Machines ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und potenziell um seine Privilegien zu erhöhen.
Published: 2026-02-17T23:00:00+00:00
[ENGLISH] Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials
Published: 2026-02-18T16:02:00+05:30
[ENGLISH] CISA orders feds to patch actively exploited Dell flaw within 3 days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems within three days against a maximum-severity Dell vulnerability that has been under active exploitation since mid-2024. [...]
Published: 2026-02-19T10:30:37-05:00

References

https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079

https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-22769