CISA Warns of Critical Vulnerabilities in Commvault, Active! Mail, and Broadcom Brocade: Urgent Updates Needed

April 29, 2025
  • CISA has set deadlines for organizations to apply fixes, with May 17, 2025, for CVE-2025-3928 and May 19, 2025, for the other two vulnerabilities.

  • The critical vulnerability in Commvault's Backup & Recovery software, identified as CVE-2025-3928, allows authenticated attackers to inject and execute web shells through its web server.

  • CVE-2025-3928 was exploited in zero-day attacks by a nation-state actor before being patched in late February 2024, but it still poses a risk to users of affected versions.

  • Despite requiring authentication, the Commvault flaw allows attackers to remotely deploy web shells on exposed servers, raising significant security concerns.

  • The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding ongoing cyberattacks exploiting vulnerabilities in Commvault, Active! Mail, and Broadcom Brocade solutions, as of April 28, 2025.

  • CISA has identified three actively exploited vulnerabilities in its Known Exploited Vulnerabilities catalog, prompting urgent action from system administrators.

  • While CISA has not disclosed specific details about the nature or scale of the attacks, IT administrators are strongly urged to install the necessary updates promptly to mitigate exposure.

  • In addition, a critical vulnerability in Broadcom's Fabric OS, CVE-2025-1976, allows local users with admin rights to execute arbitrary code with root privileges, and has been actively exploited.

  • Broadcom has confirmed that this vulnerability affects Fabric OS versions 9.1.0 through 9.1.1d6, with a fix available in version 9.1.1d7.

  • Active! Mail also has a critical stack-based buffer overflow vulnerability (CVE-2025-42599) that can be exploited to crash the service or execute malicious code without authentication.

  • Qualitia has released a patch in Active! Mail version 6 BuildInfo: 6.60.06008562 to address this vulnerability, which affects all versions up to BuildInfo: 6.60.05008561.

  • Recent service outages reported by Japanese CERT and ISPs have been linked to exploitation activities related to these vulnerabilities.

Summary based on 3 sources
