A Vulnerability in Dell RecoverPoint for Virtual Machines Could Allow for Arbitrary Code Execution

A critical hardcoded-credential vulnerability (CVE-2026-22769) in Dell RecoverPoint for Virtual Machines prior to 6.0.3.1 HF1 could allow an unauthenticated remote attacker who knows the credential to achieve arbitrary code execution and root-level persistence, enabling installation of programs, data access/modification, or creation of privileged accounts; the issue is mapped to ATT&CK tactic Execution (T1203) and no active exploitation is reported.