Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
Summary
A zero-day vulnerability, CVE-2026-22769, affecting Dell RecoverPoint for VMs has been actively exploited since mid-2024. The vulnerability, which involves hard-coded credentials, is being exploited by a suspected China-nexus threat actor, UNC6201.
IFF Assessment
FOE
Active exploitation of a zero-day vulnerability with a CVSS score of 10.0 is detrimental to defenders.
Severity
10.0
Critical
Defender Context
Defenders using Dell RecoverPoint for VMs should immediately apply available patches or mitigations. The exploitation of hard-coded credentials highlights the importance of secure configuration management and regular security audits. Defenders should also monitor for suspicious activity indicative of UNC6201 tactics, techniques, and procedures (TTPs).