Cyber Posture

CVE-2025-9711

High

Published: 03 February 2026

Modified: 06 February 2026
KEV Added: not listed
Patch: upgrade to Fabric OS 9.2.1c3 or later
CVSS Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0001 (0.5th percentile)
Risk Priority: 16 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-9711 is a high-severity Least Privilege Violation (CWE-272) vulnerability in Broadcom Fabric Operating System. Its CVSS base score is 7.8 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). EPSS ranks it at the 0.5th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent): Remediating the specific flaw by upgrading to Brocade Fabric OS 9.2.1c3 or later directly eliminates the privilege escalation vulnerability in the seccertmgmt and seccryptocfg commands.

AC-6 Least Privilege (prevent): Enforcing least privilege restricts local authenticated users from accessing or executing the export options of seccertmgmt and seccryptocfg that enable root escalation, directly addressing CWE-272.

AC-3 Access Enforcement (prevent): Access enforcement ensures system mechanisms properly validate and restrict privilege elevations attempted through flawed command options.

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

Local authenticated privilege escalation to root via command abuse directly matches Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands.

Deeper analysis

CVE-2025-9711 is a privilege escalation vulnerability in Brocade Fabric OS versions prior to 9.2.1c3. It enables a local authenticated user to elevate their privileges to root by exploiting the export option in the seccertmgmt and seccryptocfg commands. The issue is rated with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-272 (Least Privilege Violation).

The vulnerability can be exploited by any local user with authenticated access to the system; the attack has low complexity and requires no user interaction. Successful exploitation grants full root privileges, giving the attacker high impact on confidentiality, integrity, and availability, for example arbitrary code execution, data modification, or system disruption.

Broadcom has published a security advisory detailing the issue, available at https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36852, which recommends upgrading to Fabric OS 9.2.1c3 or later to mitigate the vulnerability.

Details

CWE(s)

CWE-272 Least Privilege Violation

Affected Products

Broadcom Fabric Operating System: ≤ 9.2.1c3 · 9.2.2 to 9.2.2c

CVEs Like This One

CVE-2025-58383 (same product: Broadcom Fabric Operating System)
CVE-2025-58382 (same product: Broadcom Fabric Operating System)
CVE-2026-0383 (same product: Broadcom Fabric Operating System)
CVE-2024-5462 (same product: Broadcom Fabric Operating System)
CVE-2024-5461 (same product: Broadcom Fabric Operating System)
CVE-2026-32655 (shared CWE-272)
CVE-2026-0869 (same vendor: Broadcom)
CVE-2025-59106 (shared CWE-272)
CVE-2024-2240 (same vendor: Broadcom)
CVE-2024-4282 (same vendor: Broadcom)

References