DLL Injection Vulnerability in Commvault for Windows
CVE-2024-13976
8.5HIGH
What is CVE-2024-13976?
A DLL injection vulnerability is present in Commvault for certain versions of Windows, which allows attackers with local access to exploit uncontrolled search path or DLL loading behavior. This exploitation can lead to the execution of arbitrary code with elevated privileges during maintenance update installations. This issue has been addressed in the latest versions, ensuring users are protected against potential unauthorized access.
Affected Version(s)
Commvault for Windows Windows 11.20.0 < 11.20.202
Commvault for Windows Windows 11.28.0 < 11.28.124
Commvault for Windows Windows 11.32.0 < 11.32.65