CVE-2025-3928
HIGH | KEV
Commvault Web Server <11.36.46, <11.32.89, <11.28.141, <11.20.217 -...
Exploitation Summary
CVE-2025-3928 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 28, 2025.
Description
Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in versions 11.36.46, 11.32.89, 11.28.141, and 11.20.217 for Windows and Linux platforms. This vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) Catalog on 2025-04-28.
References (8)
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-3928
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/alerts/2025/05/22/advisory-update-cyber-threat-activity-targeting-commvaults-saas-cloud-application-metallic
Vendor Advisory
https://www.commvault.com/blogs/customer-security-update
Vendor Advisory
https://www.commvault.com/blogs/notice-security-advisory-update
Vendor Advisory
https://www.commvault.com/blogs/security-advisory-march-7-2025
Third Party Advisory
https://www.bleepingcomputer.com/news/security/commvault-says-recent-breach-didnt-impact-customer-backup-data/
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-3928
Scores
CVSS v3
8.8
EPSS
0.2863
EPSS Percentile
96.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2025-04-28
VulnCheck KEV
2025-03-07
ENISA EUVD
EUVD-2025-12508
Status
published
Products (1)
commvault/commvault
11.20.0 - 11.20.217
Published
Apr 25, 2025
KEV Added
Apr 28, 2025
Tracked Since
Feb 18, 2026