A crucial safety flaw has been disclosed in NetApp SnapCenter that, if efficiently exploited, may permit privilege escalation.
SnapCenter is an enterprise-focused software that is used to handle knowledge safety throughout purposes, databases, digital machines, and file methods, providing the power to backup, restore, and clone knowledge assets.
The vulnerability, tracked as CVE-2025-26512, carries a CVSS rating of 9.9 out of a most of 10.0.
“SnapCenter variations prior to six.0.1P1 and 6.1P1 are inclined to a vulnerability which can permit an authenticated SnapCenter Server consumer to develop into an admin consumer on a distant system the place a SnapCenter plug-in has been put in,” the info infrastructure firm said in an advisory printed this week.
CVE-2025-26512 has been addressed in SnapCenter variations 6.0.1P1 and 6.1P1. There are at present no workarounds that tackle the difficulty.
Whereas there isn’t a proof that the shortcoming has been exploited within the wild, it is important that organizations apply the most recent updates to safeguard towards potential threats.
