Commvault Backup Suite Flaws Allow Attackers to Breach On-Premises Systems

Security researchers have uncovered a critical series of vulnerabilities in Commvault’s backup and data management software that could enable attackers to achieve remote code execution and compromise on-premises infrastructure.

The flaws, discovered by Watchtowr Labs, represent a significant threat to organizations relying on Commvault’s widely-deployed backup solutions.

The vulnerability chain consists of four distinct security issues that can be exploited in sequence to gain unauthorized access to Commvault systems.

These pre-authentication remote code execution (RCE) vulnerabilities allow attackers to bypass security controls and execute malicious code without requiring valid credentials.

The research, titled with characteristic humor as referencing someone “stupid enough to rob the same vault twice,” highlights the severity of chaining multiple vulnerabilities together for maximum impact.

Vulnerability Details

The discovered vulnerabilities have been assigned official CVE identifiers and span multiple attack vectors: