Attackers who take advantage of the vulnerability could execute any existing FOS command or even alter the operating system itself by injecting custom subroutines. Although exploitation requires initial access to an account with administrator privileges, the company has confirmed that the vulnerability has already been detected in real attacks.
As has been reported, versions 9.2.0 and later of Brocade FOS, as well as the Brocade ASCG and Brocade SANnav products, are not affected. In any case, CISA has recommended that Federal Civilian Executive Branch (FCEB) agencies remediate the vulnerability in accordance with directive BOD 22-01.
The same KEV update included a Commvault flaw
CISA has also added to its KEV catalog a high-severity flaw (CVSS 8.7/10) affecting the Commvault web server, and has recommended applying the patch in accordance with the same BOD directive.
The flaw, tracked as CVE-2025-3928, is an unspecified vulnerability that an authenticated remote attacker can exploit to execute webshells. All versions prior to 11.36.46, 11.32.89, 11.28.141 and 11.20.217 are affected and must be updated to the latest versions.
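A quick inventory check against the fixed versions listed above, as an added example that is not from the article or from Commvault. It assumes Commvault versions are reported as three dotted integers (major.branch.build) and that a version belongs to the maintenance branch given by its first two components; branches the article does not list are reported as needing manual review rather than guessed at.

```python
# Fixed Commvault versions per maintenance branch, as listed in the article
# (all versions prior to these are affected by CVE-2025-3928).
FIXED_VERSIONS = {
    (11, 36): (11, 36, 46),
    (11, 32): (11, 32, 89),
    (11, 28): (11, 28, 141),
    (11, 20): (11, 20, 217),
}


def parse_version(text):
    """Parse 'major.branch.build' into a comparable tuple of ints (assumed format)."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Commvault version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess(text):
    """Return 'affected', 'patched' or 'unknown-branch' for one version string."""
    version = parse_version(text)
    fixed = FIXED_VERSIONS.get(version[:2])
    if fixed is None:
        # Branch not covered by the article's list: do not assume it is safe.
        return "unknown-branch"
    return "affected" if version < fixed else "patched"


def triage(inventory):
    """Map each (host, version) pair to a status; hosts that are not 'patched' need action."""
    return {host: assess(version) for host, version in inventory}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [
        ("commserve-01", "11.36.45"),
        ("webconsole-01", "11.36.46"),
        ("commserve-02", "11.28.140"),
        ("lab-box", "11.24.5"),
    ]
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Only hosts reported as "patched" can be considered covered; "unknown-branch" results should be checked against the vendor advisory by hand.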
In a statement, Commvault has warned that “to exploit this vulnerability, the attacker must have authenticated user credentials in the Commvault software environment. Non-authenticated access is not exploitable.”
The vulnerability affects CommServe, web servers and the Commvault Command Center, and must be fixed in those components, while client machines are not affected.