A critical vulnerability in specific versions of Commvault's Command Center allows unauthenticated remote code execution, affecting versions 11.38.0 through 11.38.19. The fix, version 11.38.20, should be installed automatically, but organizations must verify their configurations to ensure they actually receive updates. Experts suggest temporarily restricting internet access to the Command Center and closely monitoring system activity for abnormal requests. The vulnerability, discovered by a watchTowr researcher, stems from a Server-Side Request Forgery (SSRF): the server contacts hosts without any host restrictions, posing significant security risks if left unaddressed.
The vulnerability, designated CVE-2025-34028, allows remote attackers to execute arbitrary code on certain versions of Commvault's Command Center. It is crucial for organizations to verify their update systems.
Heath Renfrow emphasized the urgency of this security issue, advising organizations to restrict internet access until the patch is applied and thoroughly verified.