CVE-2026-22769

CRITICAL KEV

Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass

Title source: llm

Exploitation Summary

CVE-2026-22769 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added February 18, 2026.

Description

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

References (3)

Core 3

Core References

Various Sources vendor-advisory

https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079

Third Party Advisory, US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-22769

Various Sources

https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day

Scores

CVSS v3 10.0

EPSS 0.2682

EPSS Percentile 96.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation active

Automatable yes

Technical Impact total

Details

CISA KEV 2026-02-18

VulnCheck KEV 2026-02-17

ENISA EUVD EUVD-2026-7966

CWE

CWE-798

Status published

Products (2)

dell/recoverpoint_for_virtual_machines 6.0 (8 CPE variants)

dell/recoverpoint_for_virtual_machines < 6.0

Published Feb 17, 2026

KEV Added Feb 18, 2026

Tracked Since Feb 18, 2026