CVE-2025-26512
Published: 24 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-26512 is a privilege escalation vulnerability affecting NetApp SnapCenter versions prior to 6.0.1P1 and 6.1P1. It enables an authenticated user on the SnapCenter Server to gain administrative privileges on a remote system where a SnapCenter plug-in is installed. The issue is associated with CWE-266 (Incorrect Privilege Assignment) and carries a CVSS v3.1 base score of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), classifying it as critical due to its network accessibility, low complexity, and high impacts across confidentiality, integrity, and availability.
An attacker requires only low-privilege authenticated access to the SnapCenter Server to exploit this vulnerability remotely without user interaction. Exploitation allows the attacker to elevate their privileges to administrator level on remote hosts running SnapCenter plug-ins, potentially enabling full control over those systems in a cross-scope attack.
NetApp security advisory NTAP-20250324-0001, available at https://security.netapp.com/advisory/ntap-20250324-0001/ and https://security.netapp.com/advisory/NTAP-20250324-0001, details mitigation steps. Upgrading to SnapCenter 6.0.1P1 or 6.1P1 resolves the issue in affected versions.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE explicitly describes a privilege escalation vulnerability (CWE-266) allowing an authenticated low-privilege user on the SnapCenter Server to gain administrative privileges on remote systems with SnapCenter plug-ins installed, directly enabling exploitation for privilege escalation.