Back to CVE risk briefs

External risk intelligence

Dell RecoverPoint could allow external attackers to gain full administrative control.

Dell RecoverPoint for Virtual Machines could allow external attackers to exploit hardcoded credentials and gain full root-level control of the system. This actively exploited vulnerability poses a critical risk to business operations if these management interfaces are reachable via the network.

NVD published February 17, 2026 (3 months ago)

External risk briefKnown Exploit

CVE-2026-22769

Exposure facts

Severity
CRITICAL
Published by NVD
February 17, 2026 (3 months ago)

H – Horizon Alert

Dell RecoverPoint for Virtual Machines contains a security flaw involving hardcoded credentials that could allow unauthorized individuals to gain remote access to the system. If exploited, an attacker could potentially obtain full, root-level control and establish persistent access to the underlying operating system. This represents a significant security concern, as it allows external actors to bypass authentication measures to compromise the integrity of the affected environment.

A – Asset Exposure

Dell RecoverPoint for Virtual Machines is a platform typically used to manage disaster recovery and business continuity across virtualized environments. While these systems are generally housed within private management networks, specific deployment configurations may increase their network visibility. If this vulnerability is exploited, an unauthorized party could gain root-level persistence and full control over the underlying operating system of the affected appliance.

L – Live Threat

This vulnerability is confirmed to be actively exploited in the wild. It has been added to CISA’s catalog of known exploited vulnerabilities, and security intelligence indicates that threat actors are actively targeting this flaw to gain unauthorized access. Because successful exploitation allows an attacker to achieve root-level persistence, this issue represents a significant security risk to the environment.

O – Operational Fix

To address this situation, please instruct your technical team to review the official Dell support documentation immediately. The vendor advises upgrading your software or applying the provided remediations to secure these systems. We recommend prioritizing this work across all affected environments as part of your standard maintenance activities. If these measures cannot be implemented, please evaluate your options regarding the continued use of the product within your infrastructure.

References