Authentication Bypass Vulnerability in Arcserve Unified Data Protection
CVE-2025-34520

7.7HIGH

Key Information:

Vendor: Arcserve
Status: Unified Data Protection (udp)
Vendor: CVE Published:; 27 August 2025

What is CVE-2025-34520?

This vulnerability in Arcserve Unified Data Protection allows attackers to exploit specific request parameters to bypass authentication mechanisms. As a result, unauthorized users can gain access to protected functionalities and potentially compromise user accounts. All versions prior to 10.2 are impacted, and while version 10.2 includes the necessary security patches, users of versions 8.0 through 10.1 are advised to apply patches or upgrade. Earlier versions (7.x and below) are unsupported and must be upgraded to ensure security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Unified Data Protection (UDP) 8.0 <= 10.1

Unified Data Protection (UDP) * <= 7.x

Unified Data Protection (UDP) 10.2

References

https://support.arcserve.com/s/article/Important-Security...

vendor-advisorypatch

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Aug 27, 2025
Vulnerability Reserved
Apr 15, 2025

Credit

watchTowr

JSON

Arcserve

What is CVE-2025-34520?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.