Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

CVE-2025-34522: CWE-122 Heap-based Buffer Overflow in Arcserve Unified Data Protection (UDP)

0
Critical
VulnerabilityCVE-2025-34522cvecve-2025-34522cwe-122
Published: Wed Aug 27 2025 (08/27/2025, 21:19:33 UTC)
Source: CVE Database V5
Vendor/Project: Arcserve
Product: Unified Data Protection (UDP)

Description

A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection (UDP). This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory, potentially leading to application crashes or remote code execution. Exploitation occurs in the context of the affected process and does not require user interaction. The vulnerability poses a high risk due to its pre-authentication nature and potential for full compromise. This vulnerability affects all UDP versions prior to 10.2. UDP 10.2 includes the necessary patches and requires no action. Versions 8.0 through 10.1 are supported and require either patch application or upgrade to 10.2. Versions 7.x and earlier are unsupported or out of maintenance and must be upgraded to 10.2 to remediate the issue.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 02/27/2026, 01:44:04 UTC

Technical Analysis

CVE-2025-34522 is a heap-based buffer overflow vulnerability identified in the input parsing component of Arcserve Unified Data Protection (UDP), a widely used backup and disaster recovery solution. The vulnerability arises due to improper bounds checking during input processing, allowing an attacker to overwrite heap memory. This memory corruption can cause the application to crash or enable remote code execution (RCE) within the context of the UDP process. Notably, the vulnerability can be triggered remotely without any authentication or user interaction, significantly increasing its risk profile. The flaw affects all UDP versions prior to 10.2, including supported releases 8.0 through 10.1, while version 10.2 includes the necessary patches to remediate the issue. Unsupported versions 7.x and earlier are also vulnerable and require upgrading. The CVSS 4.0 base score is 9.2 (critical), reflecting network attack vector, no privileges or user interaction required, and high impact on confidentiality, integrity, and availability. The vulnerability was reserved in April 2025 and published in August 2025, with no known exploits in the wild at the time of disclosure. Due to the critical nature of UDP in enterprise backup environments, exploitation could lead to severe operational disruption and potential data compromise.

Potential Impact

The vulnerability poses a critical risk to organizations using Arcserve UDP for backup and disaster recovery. Successful exploitation can lead to remote code execution, allowing attackers to execute arbitrary code with the privileges of the UDP process. This can result in full compromise of backup infrastructure, potentially enabling attackers to delete or manipulate backup data, disrupt recovery operations, or use the compromised system as a foothold for lateral movement within the network. The lack of authentication and user interaction requirements makes the attack vector broad and accessible to remote attackers. Organizations relying on UDP for critical data protection may face significant operational downtime, data loss, and increased risk of ransomware or other advanced persistent threats leveraging this vulnerability. The impact extends to confidentiality, integrity, and availability of backup data and systems, threatening business continuity and compliance with data protection regulations.

Mitigation Recommendations

Organizations should immediately assess their UDP deployments and prioritize upgrading to Arcserve UDP version 10.2, which contains the official patch for this vulnerability. For environments unable to upgrade promptly, applying any available vendor-provided patches or workarounds is essential. Network-level mitigations include restricting UDP management interfaces to trusted internal networks and implementing strict firewall rules to block unauthorized access. Monitoring network traffic for anomalous input patterns targeting UDP services can help detect exploitation attempts. Employing intrusion detection/prevention systems (IDS/IPS) with updated signatures for this vulnerability is recommended. Additionally, organizations should review and harden access controls around backup infrastructure, enforce least privilege principles, and maintain regular backups of backup configurations to enable rapid recovery. Incident response plans should be updated to include this vulnerability, and security teams should stay alert for emerging exploit reports or indicators of compromise related to CVE-2025-34522.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Data Version
5.1
Assigner Short Name
VulnCheck
Date Reserved
2025-04-15T19:15:22.612Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68af7981ad5a09ad006645c2

Added to database: 8/27/2025, 9:32:49 PM

Last enriched: 2/27/2026, 1:44:04 AM

Last updated: 3/22/2026, 8:16:40 PM

Views: 208

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses