Barracuda RMM < 2025.2.2 Privilege Escalation via Insecure Directory Permissions

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place attacker-controlled files in this directory, which are then executed under the NT AUTHORITY\SYSTEM account during routine automation cycles, typically succeeding within the next execution cycle.

AI Analysis

Privilege escalation vulnerability via insecure directory permissions

Basic Information

ID CVE-2026-22676

Source VulnCheck

Published Apr 15, 2026 at 20:45

Affected Product

Vendor Barracuda Networks

Product RMM

Affected Versions Barracuda Networks RMM 0

CWE Classification

CWE-732

AI Assessment

AI Score 8.5 / 10

AI Severity High

Vendor Barracuda Networks

Product Barracuda RMM

Version < 2025.2.2

References

{
    "lastseen": "",
    "description": "Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\\Windows\\Automation directory. Attackers can modify existing automation content or place attacker-controlled files in this directory, which are then executed under the NT AUTHORITY\\SYSTEM account during routine automation cycles, typically succeeding within the next execution cycle.",
    "published": "2026-04-15T20:45:23.918Z",
    "modified": "2026-04-15T20:45:23.918Z",
    "type": "cve",
    "title": "Barracuda RMM < 2025.2.2 Privilege Escalation via Insecure Directory Permissions",
    "source": "VulnCheck",
    "references": "https://download.mw-rmm.barracudamsp.com/PDF/2025.2.2/RN_BRMM_2025.2.2_EN.pdf\nhttps://www.vulncheck.com/advisories/barracuda-rmm-privilege-escalation-via-insecure-directory-permissions",
    "id": "CVE-2026-22676",
    "bulletinFamily": "",
    "cwe": [
        "CWE-732"
    ],
    "cvelist": null,
    "sourceData": "Barracuda Networks RMM 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RMM",
    "version": "0",
    "vendor": "Barracuda Networks",
    "ai_description": "Privilege escalation vulnerability via insecure directory permissions",
    "ai_severity": "High",
    "ai_vendor": "Barracuda Networks",
    "ai_product": "Barracuda RMM",
    "ai_version": "< 2025.2.2",
    "ai_score": 8.5
}

Barracuda RMM < 2025.2.2 Privilege Escalation via Insecure Directory Permissions_CVE-2026-22676