clayton@site:~/news$ cat cve-2026-22769-dell-recoverpoint-for-virtual-machines-rp4vms.log

CVE-2026-22769 — Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability

2026-02-18 • CISA Known Exploited Vulnerability

[event] Dell RecoverPoint for Virtual Machines (RP4VMs) contains an use of hard-coded credentials vulnerability that could allow an unauthenticated remote attacker to gain unauthorized access to the underlying operating system and root-level persistence.

> AFFECTED SOFTWARE

Field	Value
Vendor	Dell
Product	RecoverPoint for Virtual Machines (RP4VMs)
CWE	CWE-798
CVE ID	CVE-2026-22769
Date Added	2026-02-18
Due Date	2026-02-21
Ransomware Campaign	Unknown

> MITIGATION

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due Date: 2026-02-21

> REFERENCES

[1] https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079
[2] https://www.dell.com/support/kbdoc/en-us/000426742/recoverpoint-for-vms-apply-th...
[3] https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell...
[4] https://nvd.nist.gov/vuln/detail/CVE-2026-22769