CISA warns about actively exploited Broadcom, Commvault vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has flagged three critical vulnerabilities affecting Commvault, Active! Mail, and Broadcom Brocade solutions. These flaws have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog as serious security issues that need urgent attention from IT admins globally.

Vulnerabilities Exploited as Zero-Days

1. **CVE-2025-3928**: An unspecified vulnerability in Commvault solutions that has already been exploited in zero-day attacks. Authentication is required to exploit it, so the organisations at risk are those whose environments, or whose valid credentials, have already been compromised.

2. **CVE-2025-42599**: A stack-based buffer overflow in Qualitia Active! Mail, allowing unauthenticated remote code execution or denial-of-service through malicious requests. This has been actively exploited in Japan.

3. **CVE-2025-1976**: A serious code injection vulnerability in Broadcom Brocade’s Fabric OS, potentially giving local users with admin access the ability to execute arbitrary code.

Key Points

  • The CISA KEV catalog has been updated to include newly identified vulnerabilities requiring immediate attention.
  • CVE-2025-3928 affects Commvault and requires valid user credentials for exploitation. Fixes have been released.
  • CVE-2025-42599 impacts Active! Mail users, enabling unauthenticated attackers to execute code remotely.
  • CVE-2025-1976 allows users to execute arbitrary code on Broadcom Brocade devices if they have admin-level access.
  • Organisations are strongly advised to apply updates and patches without delay to mitigate risks associated with these vulnerabilities.

Why should I read this?

If you’re in charge of IT security, this article is a must-read! With CISA highlighting these vulnerabilities, you’ll want to make sure your organisation isn’t caught off guard. We’ve combed through the details for you, so you can get straight to the action: updating and securing your systems before it’s too late.

Source: Help Net Security