
Critical Commvault Vulnerabilities Enable Remote Code Execution via Pre-Auth Exploit Chains
Commvault has released updates addressing four security vulnerabilities in versions prior to 11.36.60, which could allow remote code execution (RCE) on vulnerable instances. Among these, CVE-2025-57788 (CVSS score: 6.9) stands out because it allows unauthenticated attackers to invoke API calls that should require authentication. This flaw is particularly concerning because it can be chained with the other vulnerabilities to achieve RCE, giving attackers the ability to run arbitrary code on affected systems. Because Commvault is widely used for data protection and management, these vulnerabilities carry significant risk, including data exfiltration, malware deployment, and lateral movement within networks. Organizations are strongly advised to update to version 11.36.60 or later immediately. In addition, monitoring for suspicious API activity and reviewing access controls are recommended to reduce exposure. This incident underscores the importance of timely patching and robust vulnerability management in enterprise environments.