Barracuda RMM Privilege Escalation Vulnerability in Automation Directory

Vulnerability

A privilege escalation vulnerability has been identified in Barracuda RMM versions prior to 2025.2.2. It allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem access control lists (ACLs) on the C:\Windows\Automation directory. Attackers can either modify existing automation content or introduce their own files into this directory. Files in this directory are executed under the NT AUTHORITY\SYSTEM account during regular automation cycles, so modified or introduced content usually runs within the next execution cycle.

Impact

Exploitation of this vulnerability allows local attackers to gain SYSTEM-level privileges.

Remediation

Users are advised to update to Barracuda RMM version 2025.2.2 or later. Instructions for updating Onsite Managers and Device Managers are available in the Barracuda RMM Release Notes for version 2025.2.2.
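
To check whether a host still carries write-capable ACL entries on the directory described above, the following PowerShell lists them for review. This is an added example, not code from Barracuda or from the original advisory; the function name Get-RiskyAce and the list of SIDs treated as expected writers are assumptions to adjust for your environment.

```powershell
# Added example: list Allow ACEs under C:\Windows\Automation that let a
# principal outside the trusted list create, change or delete content.
function Get-RiskyAce {
    param([string]$Path = 'C:\Windows\Automation')

    if (-not (Test-Path -LiteralPath $Path)) { return }

    # Assumption: only these principals are expected to hold write access.
    $trustedSids = @(
        'S-1-5-18',        # NT AUTHORITY\SYSTEM
        'S-1-5-32-544',    # BUILTIN\Administrators
        'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
    )

    # Rights that allow planting or altering files, plus GENERIC_WRITE and
    # GENERIC_ALL, which appear as raw bits on inherit-only ACEs.
    $mask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership' -bor 0x40000000 -bor 0x10000000

    $items = @(Get-Item -LiteralPath $Path -Force) +
             @(Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue)

    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction SilentlyContinue
        if (-not $acl) { continue }

        # Ask for SIDs directly so unresolvable accounts do not throw.
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($ace in $rules) {
            if ($ace.AccessControlType -ne [System.Security.AccessControl.AccessControlType]::Allow) { continue }
            $sid = $ace.IdentityReference.Value
            if ($trustedSids -contains $sid) { continue }
            if (([int]$ace.FileSystemRights -band $mask) -eq 0) { continue }

            # Resolve the SID to a name for readability; fall back to the SID.
            try   { $name = $ace.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value }
            catch { $name = $sid }

            [pscustomobject]@{
                Path      = $item.FullName
                Principal = $name
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

Get-RiskyAce | Format-Table -AutoSize
```

An empty result means no principal outside the trusted list holds write-type rights on the directory or its contents. Run it from an elevated session so every item's ACL can be read.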

Added: Apr 15, 2026, 10:11 PM
Updated: Apr 15, 2026, 10:11 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 2.9
remediation: 0.0
relevance: 6.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.