Commvault backup systems have an extremely worrying security issue, so patch now

• A critical-severity security flaw was found in Commvault Command Center
• It allows threat actors to run arbitrary code remotely and without authentication
• Vulnerability could lead to complete compromise

Cybersecurity researchers from watchTowr recently discovered a critical-severity flaw in Commvault Command Center that could allow threat actors to run arbitrary code remotely and without authentication.

Commvault Command Center is a web-based interface that provides centralized management for data protection, backup, recovery, and compliance across hybrid environments, used by thousands of companies worldwide across industries like healthcare, finance, government, and manufacturing.

The vulnerability is tracked as CVE-2025-34028, and has a severity score of 9.0/10 (critical).

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

​Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and ...