Barracuda RMM Service Center Insecure Reflection

CRITICAL (9.8) No Patch (13 days)

Threat Intelligence

Low Risk
EPSS Score: 0.43% chance of exploitation (percentile: 62%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

What is it?

The Barracuda RMM (Remote Monitoring and Management) Service Center is a software solution used by some organizations to manage their remote devices. This vulnerability allows attackers to execute arbitrary code on the Barracuda RMM Service Center instance, potentially leading to unauthorized access to sensitive data.

Am I affected?

You're affected if you use Barracuda RMM Service Center versions prior to 2025.1.1. Check your installed version against: download.mw-rmm.barracudamsp.com/PDF/2025.1.1/RN_BRMM_2025.1.1_EN.pdf

Note: This vulnerability is specific to the Barracuda RMM Service Center, which is a niche software solution. If you don't recognize this name, you're probably not affected.

Version info: Not specified in the advisory.

Affected Products

Barracuda / RMM Service Center

How to fix

Upgrade to Barracuda RMM Service Center 2025.1.1 or later (https://www.barracuda.com/products/msp/network-protection/rmm).

Immediate mitigations:
- Restrict network access to your Barracuda RMM Service Center instance (firewall it from the public internet)
- Audit admin account activity for suspicious access patterns
- Monitor for unauthorized token creation