Dell RecoverPoint VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

China-nexus UNC6201 exploited CVE-2026-22769 in Dell RecoverPoint for VMs since mid-2024. The CVSS 10.0 hardcoded credential flaw grants root access to backup appliances. Google Mandiant discovered active intrusions during incident response. The vulnerability affects versions before 6.0.3.1 HF1. Attackers authenticate as “admin” to Apache Tomcat Manager, upload SLAYSTYLE webshell via “/manager/text/deploy”, and drop BRICKSTORM/GRIMBOLT backdoors […] The post Dell RecoverPoint VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024 appeared first on VPN Central.