
Exploitable Storage and Backup Vulnerabilities

On May 1st, enterprise backup vendor Commvault revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928.

That wasn’t the only vulnerability making headlines. A few days earlier, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) officially added a significant security flaw affecting Broadcom’s Brocade Storage Fabric OS to its authoritative catalog, underscoring the urgent need for remediation across enterprise and government environments.

The vulnerability has the potential to allow local attackers with administrative privileges to execute arbitrary code with full root access.

This escalation of privilege could enable a complete compromise of the underlying storage network infrastructure, posing significant risks to data integrity and operational continuity.

Not Isolated Cases: A Growing List of Exploited Vulnerabilities

The Commvault and Brocade exploits are far from isolated incidents. In recent months, multiple vulnerabilities in storage and backup solutions have been discovered and actively exploited. Examples include:

Veeam Backup & Replication:

CVE-2022-26500 and CVE-2022-26501: These vulnerabilities allow remote, unauthenticated attackers to execute arbitrary code. They were actively exploited by ransomware groups like Monti and Yanluowang shortly after discovery, emphasizing the importance of timely patching.

MinIO:

CVE-2023-28432: This vulnerability in MinIO’s Multi-Cloud Object Storage framework allows attackers to retrieve all environment variables, including sensitive information like MINIO_SECRET_KEY and MINIO_ROOT_PASSWORD.

Attackers were caught exploiting the above MinIO vulnerability, as reported by CISA.

Veritas Backup Exec:

CVE-2021-27876: This vulnerability allows unauthorized file access through the Backup Exec Agent.

This vulnerability has been actively exploited, highlighting the risks associated with unpatched backup solutions.

Oracle ZFS Storage Appliance:

CVE-2020-14871: An easy-to-exploit, actively exploited vulnerability that allows an unauthenticated attacker to compromise the system, with high impact on confidentiality, integrity, and availability.

Why Storage & Backup Security Matters More Than Ever

From ransomware to insider threats, if your primary storage is compromised, hundreds or thousands of workloads — databases, containers, VMs — can go down in a flash.

Worse still, if your backup systems are compromised, there’s no Plan B. No way to recover. You’re out of options.

On average, each enterprise storage or backup device has 10 vulnerabilities, including 5 critical or high-severity ones. Yet most organizations have limited visibility into these weaknesses.

Two Key Steps to Fortify Your Storage & Backup Systems

1. Build a Secure Configuration Baseline

Define secure settings per product (e.g. Dell, Pure, Hitachi Vantara, NetApp, Rubrik, Cohesity) – and ensure they’re reviewed and refreshed regularly. A secure baseline includes both system-level and security controls that reflect vendor guidance and real-world attack patterns.

2. Perform a Gap Assessment

Vulnerability and Patch Management

1. Ability to scan our Storage & Backup appliances?
2. Authenticated scan for vulnerabilities and missing patches? Runs platform-specific APIs / commands?
3. Automatic detection and remediation validation? (Patch / mitigating configuration)
4. Solid inventory of all Storage & Backup arrays, appliances, nodes & software?

Security Baseline, Configuration Compliance and Drift Management

5. Defined target system & security settings for Storage & Backup Platforms?
6. Repeatable way to assess security misconfigurations? Continuous drift detection?

Knowledge

7. Expertise in securing Storage & Backup technologies?
8. Researched security best practices & hardening instructions for Storage & Backup Platforms?

Gap assessments surface weak spots you didn’t know existed.
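
The two steps above can be made repeatable with a small check like the following. This is an added example, not code from this article or from any vendor: the platform names, setting names, target values and the sample inventory are all hypothetical. It compares collected settings with a per-platform baseline and reports drift, settings that were never collected, and devices that have no baseline at all.

```python
import operator
from dataclasses import dataclass

# Hypothetical baselines: setting names and targets are illustrative, not vendor guidance.
BASELINES = {
    "backup-appliance": {
        "mfa_for_admins": ("eq", True),
        "immutable_retention_days": ("min", 14),
        "default_admin_enabled": ("eq", False),
    },
    "storage-array": {
        "mfa_for_admins": ("eq", True),
        "telnet_enabled": ("eq", False),
        "audit_log_forwarding": ("eq", True),
    },
}
OPS = {"eq": operator.eq, "min": operator.ge}  # "min": actual must be >= target

@dataclass(frozen=True)
class Finding:
    device: str
    setting: str
    status: str  # "drift", "unknown" (not collected) or "no-baseline"
    expected: object = None
    actual: object = None

def assess(inventory):
    """Compare each device's collected settings with its platform baseline."""
    findings = []
    for dev in inventory:
        baseline = BASELINES.get(dev["platform"])
        if baseline is None:  # inventoried, but never given a target configuration
            findings.append(Finding(dev["name"], "*", "no-baseline"))
            continue
        for setting, (op, expected) in baseline.items():
            actual = dev["settings"].get(setting)
            if actual is None:  # a value that was not collected is a gap, not a pass
                findings.append(Finding(dev["name"], setting, "unknown", expected))
            elif not OPS[op](actual, expected):
                findings.append(Finding(dev["name"], setting, "drift", expected, actual))
    return findings

# Constructed sample inventory, in the shape a settings collector might return.
INVENTORY = [
    {"name": "bkp-01", "platform": "backup-appliance", "settings": {
        "mfa_for_admins": True, "immutable_retention_days": 7, "default_admin_enabled": False}},
    {"name": "san-01", "platform": "storage-array", "settings": {"mfa_for_admins": True, "telnet_enabled": True}},
    {"name": "tape-01", "platform": "tape-library", "settings": {}},
]
```

Running `assess(INVENTORY)` on a schedule and comparing the result with the previous run gives a basic form of continuous drift detection.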

What a Complete Storage & Backup Security Program Looks Like

Storage and backup systems are your organization’s most critical — and ironically most overlooked — assets. They deserve the same security rigor as endpoints, networks, and apps.

A well-architected Security Posture Management plan for storage and backups includes:

  • Vulnerability management tailored to the environment
  • Secure configuration enforcement
  • Real-time anomaly detection (block and file-level)
  • Compliance mapping (PCI DSS, NIST, ISO, HIPAA, etc.)
  • Integration with tools like ServiceNow, Qualys/Rapid7/Tenable, CyberArk, CyberSense, Varonis, and others

Solutions like StorageGuard address these gaps by continuously evaluating and enforcing best practices, ensuring that backup systems remain resilient against cyber threats. Organizations that implement StorageGuard for their backup environments significantly reduce the risk of ransomware attacks, data breaches, and compliance failures, ultimately strengthening their overall security posture.

Tim King