Symantec has patched a critical vulnerability in its Veritas NetBackup software that could be used to seize control of an unpatched system.

A bug in the Java authentication service, used by both NetBackup servers and clients, could be exploited by means of a specially crafted command, which could give attackers control of the system, said the French Security Incident Response Team.

The vulnerability affects NetBackup versions 4.5, 5.0, 5.1 and 6.0, on virtually all operating system platforms, Symantec said in a statement. The software vendor is not aware of any exploits for this problem, but the company "strongly recommends" that customers update their software with patches on its website.