Summary: The Cyber Security Agency of Singapore has issued a warning about a critical vulnerability in Commvault Command Center, designated CVE-2025-34028, which allows unauthenticated remote code execution. The vulnerability affects versions 11.38.0 to 11.38.19 and could allow attackers to compromise data protection systems. Commvault has released patches and urges users to update immediately or isolate affected systems.
Affected: Commvault Command Center
Keypoints:
- Vulnerability rated 10/10 on the CVSS scale, enabling unauthenticated remote code execution.
- Impacts both Linux and Windows versions 11.38.0 to 11.38.19 of Commvault Command Center.
- Attackers can exploit the flaw to gain control over vulnerable systems, risking data integrity.
- Commvault has released versions 11.38.20 and 11.38.25 to address the issue.
- Users are encouraged to update promptly or isolate the affected systems from network access.
Source: https://thecyberexpress.com/commvault-vulnerability-cve-2025-34028/