Enterprise data platform Commvault has disclosed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928, but stressed that there is no evidence of unauthorized access to data.
“This activity has affected a small number of customers we have in common with Microsoft, and we are working with those customers to provide assistance,” the company noted in an update.
“It is important to note that there has been no unauthorized access to customer backup data that Commvault stores and protects, and no significant impact on our business or our ability to deliver products and services.”
In an advisory issued on March 7, 2025, Commvault said that Microsoft notified it on February 20 of unauthorized activity within its Azure environment, and that the threat actor exploited CVE-2025-3928 as a zero-day. It also said that it had rotated the affected credentials and strengthened its security measures.
The disclosure comes as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-3928 to its Known Exploited Vulnerabilities (KEV) catalog, which requires Federal Civilian Executive Branch (FCEB) agencies to apply the necessary patches for Commvault Web Server by May 19, 2025.
To mitigate the risk posed by such attacks, customers are advised to apply Conditional Access policies to all Microsoft 365, Dynamics 365, and Azure AD app registrations, and to rotate and sync client secrets between Azure and Commvault.
The company also urges users to monitor sign-in activity to identify any access attempts from IP addresses outside the allowlisted ranges. The following IP addresses have been associated with the malicious activity:
- 108.69.148.100
- 128.92.80.210
- 184.153.42.129
- 108.6.189.53, and
- 159.242.42.20
“These IP addresses should be explicitly blocked within your Conditional Access policies and monitored in your Azure sign-in logs,” Commvault noted. “If you detect any access attempts from these IPs, please report the incident immediately to Commvault Support for further analysis and action.”
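
The sign-in log review recommended above can be scripted. The following is an added example, not code from Commvault or from this article: it assumes sign-in logs exported as one JSON object per line using the Microsoft Graph `signIn` field names (`ipAddress`, `appDisplayName`, `status.errorCode`), and the allowlisted range and sample records are constructed for illustration.

```python
import ipaddress
import json

# IP addresses the advisory quoted above associates with the malicious activity.
FLAGGED_IPS = {ipaddress.ip_address(ip) for ip in (
    "108.69.148.100", "128.92.80.210", "184.153.42.129", "108.6.189.53", "159.242.42.20")}
# Assumption: your own allowlisted egress ranges (a documentation range is used here).
ALLOWLISTED_RANGES = [ipaddress.ip_network("203.0.113.0/24")]

# Constructed sample records; errorCode 0 means the sign-in succeeded.
SAMPLE_SIGNINS = """
{"createdDateTime": "2025-03-01T08:00:00Z", "appDisplayName": "backup-app", "ipAddress": "203.0.113.10", "status": {"errorCode": 0}}
{"createdDateTime": "2025-03-01T08:05:00Z", "appDisplayName": "backup-app", "ipAddress": "184.153.42.129", "status": {"errorCode": 50126}}
{"createdDateTime": "2025-03-01T08:07:00Z", "appDisplayName": "backup-app", "ipAddress": "198.51.100.7", "status": {"errorCode": 0}}
{"createdDateTime": "2025-03-01T08:09:00Z", "appDisplayName": "backup-app", "ipAddress": "::ffff:159.242.42.20", "status": {"errorCode": 0}}
{"createdDateTime": "2025-03-01T08:11:00Z", "appDisplayName": "backup-app", "ipAddress": "", "status": {"errorCode": 0}}
"""

def classify(record):
    """Return 'flagged', 'allowed', 'outside_allowlist' or 'unparsable' for one record."""
    try:
        ip = ipaddress.ip_address(record.get("ipAddress", ""))
    except ValueError:
        return "unparsable"  # missing or malformed address: surface it, do not drop it
    # Normalize IPv4-mapped IPv6 (::ffff:a.b.c.d) so it cannot bypass the IPv4 lists.
    ip = getattr(ip, "ipv4_mapped", None) or ip
    if ip in FLAGGED_IPS:
        return "flagged"
    if any(ip in net for net in ALLOWLISTED_RANGES):
        return "allowed"
    return "outside_allowlist"

def triage(jsonl):
    """Return (verdict, ip, app, succeeded) for every sign-in that is not allowlisted."""
    findings = []
    for line in jsonl.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        verdict = classify(rec)
        if verdict != "allowed":
            succeeded = rec.get("status", {}).get("errorCode") == 0
            findings.append((verdict, rec.get("ipAddress"), rec.get("appDisplayName"), succeeded))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_SIGNINS):
        print(finding)
```

A `flagged` finding with `succeeded` set to true is the case to report first, since it means a sign-in from one of the listed addresses was accepted rather than merely attempted.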