CISA warns about actively exploited Broadcom, Commvault vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) added three new flaws to its Known Exploited Vulnerabilities (KEV) catalog on Monday, affecting Commvault (CVE-2025-3928), Active! Mail (CVE-2025-42599), and Broadcom Brocade (CVE-2025-1976) solutions. CISA’s KEV catalog is constantly updated and provides IT admins in US federal civilian agencies with instructions on how to remediate these threats and by which date (as mandated by Binding Operational Directive 22-01), but this living document can also come in handy …

The post CISA warns about actively exploited Broadcom, Commvault vulnerabilities appeared first on Help Net Security.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2025-04-25 | CVE-2025-3928 | Unspecified vulnerability in Commvault | Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. | 8.8 |
2025-04-24 | CVE-2025-1976 | OS Command Injection vulnerability in Broadcom Fabric Operating System | Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6. | 6.7 |
2025-04-18 | CVE-2025-42599 | Stack-based Buffer Overflow vulnerability in Qualitia Active! Mail | Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. | 9.8 |