Critical vulnerability in NetApp SnapCenter Server enables privilege escalation
Take action: If you are running NetApp SnapCenter Server, this one is a priority patch. As usual, make sure that your SnapCenter is accessible only from trusted networks, but then plan a quick patch. Isolation alone is not enough: sooner or later someone will be hacked, and the hackers will get access to the server.
A critical vulnerability has been identified in NetApp's SnapCenter Server that allows authenticated users to potentially escalate their privileges to admin level on remote systems where SnapCenter plug-ins are installed.
NetApp SnapCenter Server is a centralized platform designed for application-consistent data protection, allowing users to manage backups, restores, and cloning operations for various applications and databases.
The flaw is tracked as CVE-2025-26512 (CVSS score 9.9). Exploitation could grant attackers elevated privileges on remote systems, potentially enabling them to execute unauthorized commands, manipulate or access sensitive data, disrupt system operations and gain persistent access to affected environments.
Affected versions are:
- NetApp SnapCenter Server versions before 6.0.1P1
- NetApp SnapCenter Server versions before 6.1P1
As of March 24, 2025, NetApp has not reported any public discussions or known instances of this vulnerability being actively exploited in the wild.
NetApp has released patched versions to address this vulnerability. Organizations are strongly advised to upgrade immediately to SnapCenter Server 6.0.1P1 or later, or to SnapCenter Server 6.1P1 or later.