Ethical Hacking News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw in Commvault Command Center, CVE-2025-34028, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a path traversal bug affecting the 11.38 Innovation Release that allows remote, unauthenticated attackers to execute arbitrary code. Exploitation affected a small number of customers, but there was no unauthorized access to customer backup data. Federal Civilian Executive Branch (FCEB) agencies must apply the necessary patches by May 23, 2025, and all organizations running the affected release should patch promptly and confirm they are no longer exposed.
CISA added the flaw to the KEV catalog a little over a week after it was publicly disclosed. The vulnerability is CVE-2025-34028, a path traversal bug that affects the 11.38 Innovation Release from version 11.38.0 through 11.38.19. It has been addressed in versions 11.38.20 and 11.38.25.
According to CISA, Commvault Command Center contains a path traversal vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code. In practice, an attacker can upload a ZIP file that, when decompressed on the target server, results in remote code execution. The problem resides in an endpoint called "deployWebpackage.do", which can be reached without authentication and triggers a Server-Side Request Forgery (SSRF); code execution follows when the fetched ZIP archive contains a malicious .JSP file.
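To make the two facts above actionable for defenders, the following added example (not Commvault's or CISA's code) checks whether a Command Center build falls in the affected version range and flags requests to the deployWebpackage.do endpoint in web access logs. The version boundaries come from this article; the log line format and the "/commandcenter/" path prefix are constructed placeholders for illustration only.

```python
"""Triage helpers for CVE-2025-34028 (Commvault Command Center)."""
import re
from typing import Iterable, List, Tuple

# Version range stated in the advisory text: 11.38.0 .. 11.38.19 affected,
# fixed in 11.38.20 and 11.38.25.
AFFECTED_MIN = (11, 38, 0)
AFFECTED_MAX = (11, 38, 19)


def parse_version(version: str) -> Tuple[int, int, int]:
    """Turn '11.38.19' into (11, 38, 19); rejects anything that is not X.Y.Z."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the build is within 11.38.0 .. 11.38.19 inclusive.

    11.38.20 and later are treated as patched; other release lines are
    outside the advisory's scope and also return False.
    """
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


# Constructed Apache combined-style log format (assumption, not Commvault's).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.7 - - [30/Apr/2025:10:15:02 +0000] "POST /commandcenter/deployWebpackage.do HTTP/1.1" 200 512',
    '198.51.100.4 - - [30/Apr/2025:10:15:09 +0000] "GET /commandcenter/login.do HTTP/1.1" 200 1842',
    '203.0.113.7 - - [30/Apr/2025:10:16:41 +0000] "POST /commandcenter/deployWebpackage.do?x=1 HTTP/1.1" 500 0',
]


def find_endpoint_hits(lines: Iterable[str]) -> List[dict]:
    """Return every request whose path ends in deployWebpackage.do.

    The endpoint is reachable pre-authentication, so on an unpatched host
    any hit, especially from an unexpected source IP, deserves review.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and m["path"].split("?")[0].lower().endswith("deploywebpackage.do"):
            hits.append({"ip": m["ip"], "time": m["ts"],
                         "method": m["method"], "status": int(m["status"])})
    return hits
```

Running `find_endpoint_hits(SAMPLE_LOG)` on the constructed lines returns the two POST requests and ignores the login request.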
The exploitation activity affected a small number of customers, and there has been no unauthorized access to customer backup data. Under the KEV process, Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary patches by May 23, 2025, to secure their networks.
This vulnerability highlights the importance of applying software updates and patches promptly. Organizations that fail to address it remain exposed to active exploitation, so those running an affected release should update their Commvault Command Center systems now and verify that they are no longer affected.
The discovery of CVE-2025-34028 also underscores the need for robust cybersecurity measures. Cybersecurity companies such as watchTowr Labs have been credited with discovering and reporting the bug, demonstrating the importance of vigilant monitoring and testing. By staying informed about emerging vulnerabilities and taking proactive steps to address them, organizations can help protect themselves against potential attacks.
The case is also a reminder of the continual contest between defenders and attackers: as new vulnerabilities are disclosed, organizations need to keep pace by investing in sound security measures and tracking emerging threats.

In conclusion, the Commvault Command Center vulnerability shows why timely patching matters. Organizations should patch affected systems without delay and confirm they are not exposed; staying informed and acting early on emerging threats is what preserves a strong security posture.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Commvault-Command-Center-Vulnerability-A-Critical-Security-Alert-for-Organizations-ehn.shtml
https://thehackernews.com/2025/05/commvault-cve-2025-34028-added-to-cisa.html
https://cloudindustryreview.com/commvault-cve-2025-34028-included-in-cisa-kev-following-confirmed-active-exploitation/
https://nvd.nist.gov/vuln/detail/CVE-2025-34028
https://www.cvedetails.com/cve/CVE-2025-34028/
Published: Mon May 5 14:04:36 2025 by llama3.2 3B Q4_K_M