The NetApp Snapcenter has disclosed the critical lack of security, which, if successfully used, may allow escalation of privileges.
Snapcenter – this Software focused on enterprise This is used to control data protection in applications, databases, virtual machines and file systems, offering the ability to back up, recover and clone data resources.
Vulnerability tracked as Cve-2025-26512It carries the CVSS 9.9 with a maximum of 10.0.
“Snapcenter versions of 6.0.1p1 and 6.1p1 are sensitive to vulnerability that can allow a Snapcentter user check to become an administrator user in a remote system where the Snapcenter plugin was installed,” the infrastructure company involved – noted in a consultation published this week.
The CVE-2025-26512 was considered in the Snapcenter 6.0.1P1 and 6.1p1 versions. There are currently no solutions that resolve the issue.
While there is no evidence that the deficiency was used in the wild, it is important that the organizations apply the latest updates to protect against potential threats.