ZDI-CAN-25643 HIGH 8.0 Overdue Feb 18, 2025

iXsystems

iXsystems, known for its TrueNAS storage and FreeBSD-based solutions, has a high-severity vulnerability (CVSS 8.0). Exploitation requires access from the adjacent (local) network (AV:A) and authenticated user privileges (PR:L), but needs no user interaction and allows an attacker to completely compromise system confidentiality, integrity, and availability. The vulnerability was reported in February 2025 with a four-month vendor remediation window, giving organizations until June 2025 to apply patches. Security teams should monitor for this advisory's resolution and prioritize patching once fixes become available, particularly for exposed iXsystems storage infrastructure that may be accessible to authenticated users.

Advisory Details
Researcher: Anonymous
Reported: February 18, 2025
Deadline: June 18, 2025 (302d overdue)
CVSS Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
