CVE-2025-58382

HIGH

Brocade Fabric OS <9.2.1c2 - Command Injection

Title source: llm

Description

A vulnerability in the secure configuration of authentication and management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands as root using “supportsave”, “seccertmgmt”, “configupload” command.

References (1)

[Vendor Advisory] https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36849

Scores

CVSS v3 7.2

EPSS 0.0009

EPSS Percentile 26.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-305

Status published

Products (1)

broadcom/fabric_operating_system < 9.2.1c2

Published Feb 03, 2026

Tracked Since Feb 18, 2026