A critical vulnerability has been identified in NetApp’s SnapCenter Server, affecting versions before 6.0.1P1 and 6.1P1.
This flaw allows an authenticated SnapCenter Server user to potentially escalate their privileges to admin on remote systems where SnapCenter plug-ins are installed.
The vulnerability has been designated as CVE-2025-26512 and carries a Critical severity rating with a CVSS score of 9.9.
Impact of the Vulnerability
The CVE-2025-26512 vulnerability poses a significant risk to organizations using SnapCenter. Successful exploitation can grant attackers the ability to elevate their privileges on remote systems, potentially leading to unauthorized access and control.
This level of access could enable malicious actors to execute commands, manipulate data, and disrupt system operations.
Vulnerability Details
- Vulnerability Scoring:
- CVE: CVE-2025-26512
- CVSS Score: 9.9
- Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
The CVSS score indicates a Critical vulnerability with high impact capabilities.
- Severity: Critical
- Type: Privilege Escalation
- Risk Level: High
As of the latest advisory update on March 24, 2025, NetApp has not reported any public discussions or known instances of this vulnerability being exploited.
However, given its critical nature, organizations need to address this vulnerability promptly.
Advisory and Recommendations
- Advisory ID: NTAP-20250324-0001
- Version: 1.0
- Status: Final
- Last Updated: March 24, 2025
This advisory serves as the official source of information regarding the vulnerability and its mitigation steps.
Organizations using SnapCenter are advised to upgrade to versions 6.0.1P1 or 6.1P1 as soon as possible to patch this vulnerability.
Users can subscribe to NetApp’s security advisory updates to stay informed about any additional guidance or updates related to CVE-2025-26512.
The CVE-2025-26512 vulnerability highlights the importance of maintaining software up-to-date and prioritizing security patches.
Given the high potential impact, immediate action is recommended to protect against potential attacks.
Organizations should also consider implementing additional security measures, such as monitoring network activity and enforcing strict access controls, to protect their infrastructure from emerging threats like this critical vulnerability.
Are you from SOC/DFIR Teams? – Analyse Malware, Phishing Incidents & get live Access with ANY.RUN -> Start Now for Free.
