Summary: A critical security vulnerability in NetApp SnapCenter, tracked as CVE-2025-26512, allows for potential privilege escalation by authenticated users. This flaw affects versions prior to 6.0.1P1 and 6.1P1, carrying a severe CVSS score of 9.9. Organizations are urged to update to the latest versions to mitigate risks, as there are no workarounds available.
Affected: NetApp SnapCenter
Keypoints :
- CVE-2025-26512 enables privilege escalation for authenticated SnapCenter users.
- Affected versions include SnapCenter prior to 6.0.1P1 and 6.1P1.
- Organizations should update promptly since there are no workarounds for this vulnerability.
- The CVSS score of 9.9 signifies a critical security risk.
- No evidence of exploitation in the wild has been reported to date.
Source: https://thehackernews.com/2025/03/netapp-snapcenter-flaw-could-let-users.html