
A high-severity security vulnerability has been discovered in NetApp SnapCenter, posing a significant risk to systems utilizing this platform. NetApp has released a security advisory detailing the issue and urging users to take immediate action.
SnapCenter Software is described as “a simple, centralized, scalable platform that provides application-consistent data protection for applications, databases, host file systems, and VMs running on ONTAP systems anywhere in the Hybrid Cloud.”
The vulnerability, tracked as CVE-2025-26512 (CVSS 9.9), is a privilege escalation flaw. The advisory states that “SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed.”
Successful exploitation of this vulnerability could have severe consequences. According to the advisory, it “could allow an authenticated SnapCenter user to escalate their privileges on a remote system.” This escalation of privileges could grant unauthorized access to sensitive data and critical system functions.
NetApp is providing software fixes to address this vulnerability. Users can obtain these fixes through the NetApp Support website in the Software Download section.
Users of affected SnapCenter versions are strongly advised to visit the NetApp Support website and apply the provided updates as soon as possible to mitigate the risk posed by this vulnerability.
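To decide which servers need the update, the following added example (not from NetApp or the advisory) triages an inventory of SnapCenter version strings against the two fixed releases quoted above. It assumes versions are written as `X.Y[.Z][Pn]`, that 6.0.1P1 and 6.1P1 are the fix points for their respective release lines, and that any later release carries the fix; the hostnames, function names and sample inventory are constructed for illustration.

```python
import re

# Fixed releases named in the advisory text, as (major, minor, maintenance, patch).
FIXED_6_0_LINE = (6, 0, 1, 1)   # 6.0.1P1
FIXED_6_1_LINE = (6, 1, 0, 1)   # 6.1P1

# Assumed version format: X.Y, optional .Z, optional P<n> suffix (e.g. "6.0.1P1").
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?(?:\s*P(\d+))?\s*$", re.IGNORECASE)

def parse_version(text):
    """Parse 'X.Y[.Z][Pn]' into a comparable 4-tuple; missing parts count as 0."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised SnapCenter version string: {text!r}")
    return tuple(int(g) if g is not None else 0 for g in m.groups())

def is_affected(text):
    """True if the version predates the fix for its release line."""
    v = parse_version(text)
    if v[:2] == (6, 1):
        # The 6.1 line is fixed from 6.1P1 onward.
        return v < FIXED_6_1_LINE
    # Everything else: affected if older than 6.0.1P1.
    # Releases after the 6.1 line are assumed to include the fix.
    return v < FIXED_6_0_LINE

def triage(inventory):
    """Map host -> 'affected' | 'fixed' | 'unknown' (unparseable, review by hand)."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "fixed"
        except ValueError:
            result[host] = "unknown"
    return result

# Constructed sample inventory; hostnames and versions are illustrative only.
SAMPLE_INVENTORY = {
    "sc-server-01": "5.0P3",
    "sc-server-02": "6.0.1",
    "sc-server-03": "6.0.1P1",
    "sc-server-04": "6.1",
    "sc-server-05": "6.1P1",
    "sc-server-06": "build-unknown",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {SAMPLE_INVENTORY[host]} -> {status}")
```

Hosts reported as `unknown` have a version string the parser does not recognise and should be checked manually rather than assumed safe.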