CVE-2025-58382
Published: 03 February 2026
Summary
CVE-2025-58382 is a high-severity Authentication Bypass by Primary Weakness (CWE-305) vulnerability in Broadcom Fabric Operating System. Its CVSS base score is 8.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); it is ranked at the 44.2nd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-58382 is a vulnerability in the secure configuration of authentication and management services within Brocade Fabric OS versions prior to 9.2.1c2. It stems from improper handling that enables an authenticated, remote attacker possessing administrative credentials to execute arbitrary commands with root privileges. The issue is classified under CWE-305 (Incorrect Inheritance of Permissions) and carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts.
An attacker requires valid administrative credentials and remote network access to the affected Fabric OS management interface to exploit this flaw. By leveraging specific commands such as "supportsave", "seccertmgmt", or "configupload", the attacker can escalate privileges and run arbitrary code as root, potentially leading to full system compromise, data exfiltration, or persistent access within the storage fabric environment.
Broadcom has published a security advisory addressing this vulnerability, available at https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36849, which details the issue and recommends upgrading to Fabric OS 9.2.1c2 or later to mitigate the risk.
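Because the fix is a version threshold (Fabric OS before 9.2.1c2 is affected), the practical defender task is to find fleet members still below that release. The following is an added example, not Broadcom tooling or code from this page; it assumes Fabric OS version strings have the layout major.minor.patch plus an optional letter revision and optional numeric sub-revision (as in "9.2.1c2") and that a missing letter or number sorts below a present one.

```python
import re
from typing import NamedTuple

# Fixed release named in the advisory text on this page.
FIXED_VERSION = "9.2.1c2"

# Assumed Fabric OS version layout: major.minor.patch, optional letter
# revision (a, b, c ...) and optional numeric sub-revision (c1, c2 ...).
_FOS_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z])?(\d+)?$")


class FosVersion(NamedTuple):
    major: int
    minor: int
    patch: int
    rev: int      # 0 = no letter, a = 1, b = 2, ...
    subrev: int   # 0 = no trailing number


def parse_fos_version(text: str) -> FosVersion:
    """Parse a version string such as '9.2.1c2' into a sortable tuple."""
    m = _FOS_RE.match(text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised Fabric OS version: {text!r}")
    major, minor, patch, letter, num = m.groups()
    rev = ord(letter) - ord("a") + 1 if letter else 0
    return FosVersion(int(major), int(minor), int(patch), rev, int(num or 0))


def is_affected(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when 'version' sorts strictly below the fixed release."""
    return parse_fos_version(version) < parse_fos_version(fixed)


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Split a {switch: version} inventory into patch / ok / unparseable buckets."""
    report: dict[str, list[str]] = {"patch": [], "ok": [], "unparseable": []}
    for switch, version in sorted(inventory.items()):
        try:
            bucket = "patch" if is_affected(version) else "ok"
        except ValueError:
            # Unknown formats are reported, never silently treated as safe.
            bucket = "unparseable"
        report[bucket].append(switch)
    return report


if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    sample = {"san-edge-01": "9.2.1c1", "san-core-01": "9.2.1c2",
              "san-edge-02": "9.1.1d", "san-lab-01": "unknown"}
    for bucket, switches in triage(sample).items():
        print(f"{bucket}: {', '.join(switches) or '-'}")
```

Switches in the "unparseable" bucket need a manual look rather than being assumed patched.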
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-206762
Vulnerability details
A vulnerability in the secure configuration of authentication and management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands as root using the “supportsave”, “seccertmgmt”, or “configupload” commands.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability directly enables an authenticated administrator to escalate to root via arbitrary command execution on the Unix-like Fabric OS.
Mitigating Controls (NIST 800-53 r5)
- AC-6 (Least Privilege): Directly counters the CWE-305 permission inheritance flaw by ensuring administrative accounts cannot inherit or exercise root-level execution rights via supportsave, seccertmgmt or configupload.
- SI-2 (Flaw Remediation): Requires prompt application of the vendor patch (Fabric OS 9.2.1c2) that corrects the flawed command handling before an authenticated attacker can escalate to root.
- Enforces approved authorizations on the management interface so that even valid admin credentials cannot invoke the listed commands with unintended root privileges.