CVE-2026-22769

Technology

Timeline

  1. Patch Release

    Dell issues critical security updates to address the RecoverPoint vulnerability.

  2. Public Disclosure

    Mandiant and GTIG reveal the 18-month-long zero-day exploitation campaign.

  3. Ongoing Espionage

    Attackers maintain persistence and conduct malware campaigns across multiple sectors.

  4. Initial Exploitation

    UNC6201 begins weaponizing CVE-2026-22769 in targeted attacks.

Stories mentioning CVE-2026-22769

Chinese State Hackers Weaponize Dell RecoverPoint Zero-Day Since Mid-2024

A sophisticated Chinese cyberespionage group, tracked as UNC6201, has been exploiting a critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines for nearly two years. The flaw, identified as CVE-2026-22769, allowed attackers to maintain long-term persistence and conduct stealthy malware campaigns against high-value targets.
