A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation.
SnapCenter is an enterprise-focused software that’s used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability to backup, restore, and clone data resources.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
The vulnerability, tracked as CVE-2025-26512, carries a CVSS score of 9.9 out of a maximum of 10.0.
“SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed,” the data infrastructure company said in an advisory published this week.
CVE-2025-26512 has been addressed in SnapCenter versions 6.0.1P1 and 6.1P1. There are currently no workarounds that address the issue.
While there is no evidence that the shortcoming has been exploited in the wild, it’s essential that organizations apply the latest updates to safeguard against potential threats.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Some parts of this article are sourced from:
thehackernews.com
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations