Unrated severityNVD Advisory· Published Dec 10, 2025· Updated Mar 5, 2026

Barracuda RMM < 2025.1.1 Service Center .NET Remoting Deserialization RCE

CVE-2025-34394

Description

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution.

Affected products

Microfocus/Service Center Serverllm-fuzzy
Range: <2025.1.1
Barracuda Networks/RMMv5
Range: 2025.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

download.mw-rmm.barracudamsp.com/PDF/2025.1.1/RN_BRMM_2025.1.1_EN.pdfmitrevendor-advisorypatch
www.vulncheck.com/advisories/barracuda-rmm-service-center-net-remoting-deserialization-rcemitrethird-party-advisory
www.barracuda.com/products/msp/network-protection/rmmmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000