CISA Sounds the Alarm: Broadcom and Commvault Flaws Under Active Exploitation!
Summary
Two new vulnerabilities added to CISA’s Known Exploited Vulnerabilities (KEV) catalogue are now being actively exploited by malicious actors.
The first is a code injection vulnerability in Broadcom’s Brocade Fabric OS, used in storage area networks (SANs), that enables a local user to gain full root privileges.
The second is a web server vulnerability in Commvault, which allows an unauthenticated user to execute arbitrary commands on the underlying operating system with the privileges of the commServe user.
Both vulnerabilities have high CVSS scores, and CISA has urged organisations to remediate them as soon as possible.
These alerts are particularly important for anyone responsible for the security of IT networks and systems, as they highlight known issues that are currently being exploited in the wild, making them a prominent risk.