CVE-2025-9711
Unknown
Unknown - Not Provided
BaseFortify
Vulnerability report for CVE-2025-9711, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-02-03
Last updated on: 2026-02-06
Assigner: Brocade Communications Systems, LLC
Description
Description
A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to βrootβ using the export option of seccertmgmt and seccryptocfg commands.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| broadcom | fabric_operating_system | to 9.2.1c3 (exc) |
| broadcom | fabric_operating_system | From 9.2.2 (inc) to 9.2.2c (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-272 | The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed. |