A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation.
SnapCenter is enterprise-focused software used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability to back up, restore, and clone data resources.
The vulnerability, tracked as CVE-2025-26512, carries a CVSS score of 9.9 out of a maximum of 10.0.
“SnapCenter versions prior to 6.0.1P1 and 6.1P1 are vulnerable to a vulnerability which can enable an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed,” the data infrastructure company said in an advisory published this week.
CVE-2025-26512 has been addressed in SnapCenter versions 6.0.1P1 and 6.1P1. There are currently no workarounds that address the issue.
While there is no evidence that the vulnerability has been exploited in the wild, it is important that organizations apply the latest updates to safeguard against potential threats.