Heap-based Buffer Overflow in Arcserve Unified Data Protection
CVE-2025-34522

9.2CRITICAL

Key Information:

Vendor: Arcserve
Status: Unified Data Protection (udp)
Vendor: CVE Published:; 27 August 2025

What is CVE-2025-34522?

A vulnerability exists in the input parsing logic of Arcserve Unified Data Protection that can be exploited through heap-based buffer overflow. This flaw allows unauthorized attackers to send specially crafted inputs which compromise heap memory, resulting in application instability or enabling remote code execution. The exploitation does not require user interaction and can occur pre-authentication. All versions prior to 10.2 are affected, while versions 8.0 through 10.1 need urgent patching or upgrading. Version 10.2 incorporates necessary security fixes.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Unified Data Protection (UDP) 8.0 <= 10.1

Unified Data Protection (UDP) * <= 7.x

Unified Data Protection (UDP) 10.2

References

https://support.arcserve.com/s/article/Important-Security...

vendor-advisorypatch

CVSS V4

Score:

9.2

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Aug 27, 2025
Vulnerability Reserved
Apr 15, 2025

Credit

watchTowr

JSON

Arcserve

What is CVE-2025-34522?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.