CVE-2025-34394

UNKNOWN 0.0

Barracuda RMM < 2025.1.1 Service Center .NET Remoting Deserialization RCE

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution.

CWE	CWE-502
Vendor	barracuda networks
Product	rmm
Published	Dec 10, 2025
Last Updated	Mar 5, 2026

Stay Ahead of the Next One

Get instant alerts for barracuda networks rmm

Be the first to know when new unknown vulnerabilities affecting barracuda networks rmm are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Barracuda Networks / RMM

2025.1 < 2025.1.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

download.mw-rmm.barracudamsp.com: https://download.mw-rmm.barracudamsp.com/PDF/2025.1.1/RN_BRMM_2025.1.1_EN.pdf barracuda.com: https://www.barracuda.com/products/msp/network-protection/rmm vulncheck.com: https://www.vulncheck.com/advisories/barracuda-rmm-service-center-net-remoting-deserialization-rce

Credits

Piotr Bazydlo of watchTowr