Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Dell PowerProtect Data Manager: Unprivileged Access Leads to Elevated Privileges
CVE-2026-22267
Summary
A remote attacker with basic access can gain full control over Dell PowerProtect Data Manager, allowing them to make changes to the system and sensitive data. This could lead to unauthorized access, data theft, or system compromise. Update to version 19.22 or later to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| dell | powerprotect_data_manager | <= 19.22 | – |
Original title
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vu...
Original description
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
nvd CVSS3.1
8.8
Vulnerability type
CWE-266
Incorrect Privilege Assignment
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026