Vulnerability Database

300,926

Total vulnerabilities in the database

CVE-2024-13976

A DLL injection vulnerability exists in Commvault for Windows 11.20.0, 11.28.0, 11.32.0, 11.34.0, and 11.36.0. During the installation of maintenance updates, an attacker with local access may exploit uncontrolled search path or DLL loading behavior to execute arbitrary code with elevated privileges. The vulnerability has been resolved in versions 11.20.202, 11.28.124, 11.32.65, 11.34.37, and 11.36.15.

Published: Jul 25, 2025
Updated: Jul 26, 2025
CVE: CVE-2024-13976
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://documentation.commvault.com/securityadvisories/CV_2024_09_2.html
https://www.vulncheck.com/advisories/commvault-for-windows-maintenance-installer-dll-injection

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo