VMVirtualMachine.com

Chinese APT Exploits Dell Zero-Day Flaw for Persistent VMware Access

Key Takeaways:

  • PRC-linked hackers exploited a Dell RecoverPoint zero-day for nearly two years.
  • The flaw enabled persistent access and advanced malware deployment in VMware environments.
  • Dell and Mandiant urge immediate patching, monitoring, and stronger segmentation.

Chinese state-sponsored hackers have quietly leveraged a hard-coded credential flaw in Dell RecoverPoint for Virtual Machines for nearly two years, weaponizing it as a powerful zero-day entry point. The vulnerability grants attackers deep, persistent access to compromised environments, which enables long-term lateral movement and covert control over virtualized infrastructure.

RecoverPoint for Virtual Machines (RP4VM) is Dell’s data‑protection and disaster‑recovery solution designed specifically for VMware environments. It enables organizations to replicate, back up, and restore virtual machines with minimal downtime. This service…
