Privilege escalation in Brocade Fabric before 9.2.1c2 and 9.2.2 through...

8.5 / 10

HIGH

CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

A vulnerability in the secure configuration of authentication and
management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could
allow an authenticated, remote attacker with administrative credentials
to execute arbitrary commands as root using “supportsave”,
“seccertmgmt”, “configupload” command.

Basic Information

ID CVE-2025-58382

Source brocade

Published Feb 3, 2026 at 01:39

Modified Feb 3, 2026 at 02:02

Affected Product

Vendor Brocade

Product Fabric OS

Version before 9.2.1c2 and 9.2.2 through 9.2.2a

Affected Versions Brocade Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a

CWE Classification

CWE-305

References

support.broadcom.com /web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36849

{
    "lastseen": "",
    "description": "A vulnerability in the secure configuration of authentication and \nmanagement services in Brocade Fabric OS before Fabric OS 9.2.1c2 could \nallow an authenticated, remote attacker with administrative credentials \nto execute arbitrary commands as root using \u201csupportsave\u201d, \n\u201cseccertmgmt\u201d, \u201cconfigupload\u201d command.",
    "published": "2026-02-03T01:39:55.349Z",
    "modified": "2026-02-03T02:02:25.413Z",
    "type": "cve",
    "title": "Privilege escalation in Brocade Fabric before 9.2.1c2 and 9.2.2 through 9.2.2a",
    "source": "brocade",
    "references": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36849",
    "id": "CVE-2025-58382",
    "bulletinFamily": "",
    "cwe": [
        "CWE-305"
    ],
    "cvelist": null,
    "sourceData": "Brocade Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Fabric OS",
    "version": "before 9.2.1c2 and 9.2.2 through 9.2.2a",
    "vendor": "Brocade",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Privilege escalation in Brocade Fabric before 9.2.1c2 and 9.2.2 through 9.2.2a_CVE-2025-58382