- A critical-severity security flaw was found in Commvault Command Center
- It allows threat actors to execute arbitrary code remotely and without authentication
- The vulnerability could lead to a complete compromise
watchTowr cybersecurity researchers recently discovered a critical-severity flaw in Commvault Command Center which could allow threat actors to execute arbitrary code remotely and without authentication.
Commvault Command Center is a web interface that provides centralized management of data protection, backup, recovery and compliance in hybrid environments. It is used by thousands of companies worldwide across sectors such as health care, finance, government and manufacturing.
The vulnerability is tracked as CVE-2025-34028 and has a severity score of 9.0/10 (critical).
“A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without authentication,” the security advisory said.
“This vulnerability could lead to a complete compromise of the Command Center environment. Fortunately, other installations of the same system are not affected by this vulnerability.”
Since this flaw allows remote attackers to execute arbitrary code without authentication, a threat actor could exploit it to gain unauthorized access to, for example, the backup system of a government agency.
Once inside, they could manipulate or delete sensitive data, disrupt operations or install malware to maintain control.
This could lead to data breaches, operational downtime and a loss of public trust. Ultimately, if classified information ends up being exposed, this could turn into a national security issue.
Multiple versions are affected by the vulnerability: the 11.38 Innovation Release, versions 11.38.0 through 11.38.19. Users looking to mitigate the flaw should upgrade to versions 11.38.20 and 11.38.25.
So far, there is no evidence of abuse in the wild, and there is no proof of concept (PoC) yet. However, most threat actors do not hunt for zero-day vulnerabilities; they wait for security researchers to find and patch a flaw.
They bet that many users will not patch their endpoints in time, remaining vulnerable and therefore easily exploitable.
Via The Hacker News