CVE-2025-12774
Published: 03 February 2026
Summary
CVE-2025-12774 is a high-severity Cleartext Storage of Sensitive Information (CWE-312) vulnerability in Broadcom SANnav. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Credentials In Files (T1552.001). The CVE is ranked at the 0.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
Threat & Defense Details
Likely Mitigating Controls (AI)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Training on secure data handling discourages cleartext storage of sensitive information.
Data action mapping can detect storage actions that leave sensitive information in cleartext.
Configuration policies can mandate secure storage methods to avoid cleartext storage of sensitive information.
Policy requires protection measures such as encryption for sensitive data stored on media, preventing cleartext exposure.
Key-management policy requires protected storage of key material, preventing cleartext storage of sensitive cryptographic keys.
Requiring confidentiality protection for information at rest eliminates cleartext storage of sensitive data on persistent media.
Reduces cleartext storage of sensitive data when OPSEC identifies and mandates protection of key information artifacts.
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
Vulnerability directly results in cleartext/embedded sensitive credentials and DB structures inside a generated support file, enabling credential access from local files once the artifact is obtained.
NVD Description
A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. An attacker with access to Brocade SANnav supportsave file, could open the file and then obtain sensitive information such as details of database tables and encrypted passwords.
Deeper analysis (AI)
CVE-2025-12774 is a vulnerability in the migration script of Brocade SANnav versions prior to 3.0. The flaw enables the inclusion of database SQL queries within the SANnav supportsave file, potentially exposing sensitive information. This issue is classified under CWE-312 and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with no requirements for privileges or user interaction.
An attacker who obtains access to a Brocade SANnav supportsave file can exploit this vulnerability by simply opening the file to extract sensitive details, such as database table structures and encrypted passwords. Exploitation requires physical or logical access to the supportsave file, which is typically generated for troubleshooting and support purposes, but the network-accessible vector per CVSS suggests potential for remote acquisition if files are mishandled or exposed.
The Broadcom security advisory at https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36848 provides details on mitigation, including recommendations for upgrading to SANnav 3.0 or later where the issue is addressed. Security practitioners should review the advisory for full patch information and handling instructions for existing supportsave files.
Details
- CWE(s)