CISA Updates KEV Database with Actively Exploited Broadcom and Commvault Vulnerabilities
TL;DR
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-severity vulnerabilities affecting Broadcom Brocade Fabric OS and Commvault Web Server to its Known Exploited Vulnerabilities (KEV) catalog. These flaws are being actively exploited in the wild. The identified vulnerabilities include:
- CVE-2025-1976: A code injection flaw with a CVSS score of 8.6.
Main Content
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced on Monday the addition of two high-severity security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These flaws impact Broadcom Brocade Fabric OS and Commvault Web Server and are currently being actively exploited in the wild.
Vulnerability Details
The vulnerabilities in question are:
- CVE-2025-1976: This code injection flaw has a CVSS score of 8.6, indicating a high level of severity.
Impact and Mitigation
The inclusion of these vulnerabilities in the KEV catalog highlights the urgent need for organizations to address and mitigate these risks. Active exploitation in the wild underscores the potential for significant security breaches if the flaws are left unpatched.
Conclusion
The addition of these vulnerabilities to the KEV catalog serves as a critical reminder for organizations to prioritize patch management and security updates. Staying vigilant and proactive in addressing known exploited vulnerabilities is essential for maintaining robust cybersecurity defenses.