CVE-2025-9711

EPSS 0.01%
Veröffentlicht 03.02.2026 06:15:53
Zuletzt bearbeitet 06.02.2026 20:11:19
Quelle sirt@brocade.com
CVE-Watchlists
Login
Unerledigt
Login

Privilege escalation in Brocade Fabric OS before 9.2.1c3, and 9.2.2 though 9.2.2b

A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 2 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Broadcom ≫ Fabric Operating System Version < 9.2.1c3

Broadcom ≫ Fabric Operating System Version >= 9.2.2 < 9.2.2c

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.005

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
sirt@brocade.com	8.5	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-272 Least Privilege Violation

The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36852

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-9711

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-9711

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-9711

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-9711