commvault News Articles

Recent news articles refferecing the vendors vulnerabilities.

CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs

Commvault app secrets exposed via CVE-2025-3928 in Azure; CISA warns of broader SaaS campaign

1 week ago

Commvault: Vulnerability Patch Works as Intended

The security researcher who questioned the effectiveness of a patch for recently disclosed bug in Commvault Command Center did not test patched version, the company says.

3 weeks ago

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation

3 weeks ago

Researcher Says Fixed Commvault Bug Still Exploitable

CISA added CVE-2025-34028 to its Known Exploited Vulnerabilities catalog, citing active attacks in the wild.

4 weeks ago

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

CISA adds CVE-2025-34028 to KEV list after real-world exploits, forcing federal patching by May 23.

4 weeks ago

Critical Commvault Vulnerability in Attacker Crosshairs

CISA has flagged a critical-severity Commvault vulnerability as exploited one week after technical details were released.

1 month ago

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

Commvault confirms Azure breach via CVE-2025-3928 zero-day + no data loss + CISA mandates patch by May 19.

1 month ago

Commvault Shares IoCs After Zero-Day Attack Hits Azure Environment

After CVE-2025-3928 was exploited as a zero-day, Commvault shares attack details, IoCs, and best practices to lock down systems.

Commvault says recent breach didn't impact customer backup data

Commvault, a leading provider of data protection solutions, says a nation-state threat actor who breached its Azure environment didn't gain access to customer backup data.

CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of Broadcom Brocade Fabric OS, Commvault web servers, and Qualitia Active! Mail clients vulnerabilities that are actively exploited in attacks.

CISA warns about actively exploited Broadcom, Commvault vulnerabilities - Help Net Security

CISA has added three new flaws to its Known Exploited Vulnerabilities catalog, affecting Commvault, Active! Mail, and Broadcom solutions.

CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild

CISA has issued a new security warning about a critical vulnerability affecting the Commvault Web Server, built into one of the industry’s leading data protection platforms.

CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild

CISA has issued a new security warning about a critical vulnerability affecting the Commvault Web Server, built into one of the industry’s leading data protection platforms.

CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert concerning a newly disclosed security flaw in the Commvault Web Server.

Critical Commvault Flaw Allows Full System Takeover - Update NOW

Enterprises using Commvault Innovation Release are urged to patch against CVE-2025-34028. This flaw allows attackers to run code remotely.

CSA Warns Of Commvault Vulnerability (CVE-2025-34028)

The Cyber Security Agency of Singapore (CSA) has warned users of critical Commvault vulnerability (CVE-2025-34028), urging immediate action.

Critical Vulnerability in Commvault Command Center

Commvault has released security updates addressing a critical vulnerability affecting their Command Center installation.

Max-Severity Commvault Bug Alarms Researchers

Though already patched, the vulnerability is especially problematic because of the highly privileged access it offers to business-critical systems, sensitive data, and backups for attackers.

Highest-Risk Security Flaw Found in Commvault Backup Solutions

A critical path traversal vulnerability in Commvault’s backup and replication solutions has been reported

Commvault RCE Vulnerability Exploited—PoC Released

The disclosure of a major pre-authenticated remote code execution (RCE) vulnerability in Commvault’s on-premise backup and recovery software.

Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) - Help Net Security

A critical Commvault Command Center vulnerability (CVE-2025-34028) that could allow unauthenticated remote code execution has been fixed.

Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely

Commvault flaw CVE-2025-34028 enables pre-auth SSRF leading to code execution; fix in 11.38.20+ versions.

No more news articles to load.