By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
World of SoftwareWorld of SoftwareWorld of Software
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Search
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
Reading: Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach
Share
Sign In
Notification Show More
Font ResizerAa
World of SoftwareWorld of Software
Font ResizerAa
  • Software
  • Mobile
  • Computing
  • Gadget
  • Gaming
  • Videos
Search
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Have an existing account? Sign In
Follow US
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
World of Software > Computing > Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach
Computing

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

News Room
Last updated: 2025/05/01 at 4:59 AM
News Room Published 1 May 2025
Share
SHARE

May 01, 2025Ravie LakshmananZero-Day / Threat Intelligence

Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access.

“This activity has affected a small number of customers we have in common with Microsoft, and we are working with those customers to provide assistance,” the company said in an update.

“Importantly, there has been no unauthorized access to customer backup data that Commvault stores and protects, and no material impact on our business operations or our ability to deliver products and services.”

In an advisory issued on March 7, 2025, Commvault said it was notified by Microsoft on February 20 about unauthorized activity within its Azure environment and that the threat actor exploited CVE-2025-3928 as a zero-day. It also said it rotated affected credentials and enhanced security measures.

The disclosure comes as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-3928 to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the necessary patches for Commvault Web Server by May 19, 2025.

Cybersecurity

To mitigate the risk posed by such attacks, customers are advised to apply a Conditional Access policy to all Microsoft 365, Dynamics 365, and Azure AD single-tenant app registrations, and rotate and sync client secrets between Azure portal and Commvault every 90 days.

The company is also urging users to monitor sign-in activity to detect any access attempts originating from IP addresses outside of the allowlisted ranges. The following IP addresses have been associated with malicious activity –

  • 108.69.148.100
  • 128.92.80.210
  • 184.153.42.129
  • 108.6.189.53, and
  • 159.242.42.20

“These IP addresses should be explicitly blocked within your Conditional Access policies and monitored in your Azure sign-in logs,” Commvault said. “If any access attempts from these IPs are detected, please report the incident immediately to Commvault Support for further analysis and action.”

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Twitter Email Print
Share
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry0
Dead0
Wink0
Previous Article AI defence startup from ex-Army officer raises £9m  – UKTN
Next Article Will CapCut Be Banned With TikTok? These Alternatives Could Be the Answer
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

248.1k Like
69.1k Follow
134k Pin
54.3k Follow

Latest News

Google Wallet users in the US get another upgrade this week
News
How Chillonic’s “Chill-404” Protocol Could Transform NFTs and Memecoins | HackerNoon
Computing
Dyson’s New PencilVac Is the Lightest and Thinnest Cordless Vacuum I’ve Ever Used
News
Baseline Models for Single-Cell RNA-seq Dimensionality Reduction | HackerNoon
Computing

You Might also Like

Computing

How Chillonic’s “Chill-404” Protocol Could Transform NFTs and Memecoins | HackerNoon

5 Min Read
Computing

Baseline Models for Single-Cell RNA-seq Dimensionality Reduction | HackerNoon

6 Min Read
Computing

read, write and learn about any technology

0 Min Read
Computing

How We Collected and Analyzed Ethereum Transaction Data | HackerNoon

9 Min Read
//

World of Software is your one-stop website for the latest tech news and updates, follow us now to get the news that matters to you.

Quick Link

  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact

Topics

  • Computing
  • Software
  • Press Release
  • Trending

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

World of SoftwareWorld of Software
Follow US
Copyright © All Rights Reserved. World of Software.
Welcome Back!

Sign in to your account

Lost your password?