CVE-2025-1976 - Broadcom Brocade Fabric OS Code Injection Vulnerability

Vulnerability Name

Broadcom Brocade Fabric OS Code Injection Vulnerability

Description

Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25602

https://nvd.nist.gov/vuln/detail/CVE-2025-1976

Related News Articles

CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacksApril 29, 2025

CISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV DatabaseApril 29, 2025