Rmm
Monthly
A local privilege escalation in Barracuda RMM (all versions prior to 2025.2.2) enables authenticated Windows users to execute arbitrary code as NT AUTHORITY\SYSTEM by writing malicious files to the insecurely permissioned C:\Windows\Automation directory. The vendor-released patch, version 2025.2.2, addresses the filesystem ACL misconfiguration. EPSS data is unavailable and there is no confirmed active exploitation (not in CISA KEV), though the VulnCheck public advisory increases the likelihood of PoC development. The CVSS score of 8.5 reflects high local impact requiring only low-privileged authentication.