CVE-2025-1976

Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.

Published: Apr 24, 2025
Updated: Apr 30, 2025
CVE: CVE-2025-1976
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.7
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
broadcom / fabric_operating_system	9.1.0	9.1.1d7

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25602

Vulnerability Database

289,871

CVE-2025-1976