Vulnerability Details CVE-2025-1976
Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.6%
CVSS Severity
CVSS v3 Score 6.7
Proposed Action
Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges.
Ransomware Campaign
Unknown
References
Products affected by CVE-2025-1976
-
cpe:2.3:o:broadcom:fabric_operating_system:9.1.0
-
cpe:2.3:o:broadcom:fabric_operating_system:9.1.1
-
cpe:2.3:o:broadcom:fabric_operating_system:9.1.1c
-
cpe:2.3:o:broadcom:fabric_operating_system:9.1.1d
-
cpe:2.3:o:broadcom:fabric_operating_system:9.1.1d1
-
cpe:2.3:o:broadcom:fabric_operating_system:9.1.1d2