CVE-2025-3928
high-risk
Published 2025-04-25
Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in versions 11.36.46, 11.32.89, 11.28.141 and 11.20.217 for Windows and Linux platforms. This vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) Catalog on 2025-04-28.
Do I need to act?
16.2% chance of exploitation in next 30 days (EPSS score, higher than 84% of all CVEs)
CISA KEV: actively exploited in the wild. On the Known Exploited Vulnerabilities catalog; federal agencies must patch.
Patch status unknown. Check vendor advisories for fix availability and mitigation guidance.
CVSS 8.8/10 · High · attack vector NETWORK / LOW complexity
Affected Products (1)
Affected Vendors
References (8)
Third Party Advisory: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext...
Third Party Advisory: https://www.cisa.gov/news-events/alerts/2025/05/22/advisory-update-cyber-threat-...
Vendor Advisory: https://www.commvault.com/blogs/customer-security-update
Vendor Advisory: https://www.commvault.com/blogs/notice-security-advisory-update
Vendor Advisory: https://www.commvault.com/blogs/security-advisory-march-7-2025
Third Party Advisory: https://www.bleepingcomputer.com/news/security/commvault-says-recent-breach-didn...
US Government Resource: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-...
55 / 100 · high-risk
Severity: 30/34 · Critical
Exploitability: 20/34 · Moderate
Exposure: 5/34 · Minimal