Claudio Moletta

**Name of the Vulnerable Software and Affected Versions** Commvault Edge versions prior to 11 SP7 Commvault Edge version 11 SP6 with hotfix prior to 590 **Description** The issue is caused by a stack-based buffer overflow in the Communications Service of the Commvault Edge data backup software. This could allow a remote attacker to execute arbitrary code with root/SYSTEM privileges using TCP port 8400. **Recommendations** For Commvault Edge versions prior to 11 SP7, update to version 11 SP7 or later. For Commvault Edge version 11 SP6, apply hotfix 590 or later.