CVE-2025-9711: Privilege escalation in Brocade Fabric OS before 9.2.1c3, and 9.2.2 though 9.2.2b
Published Feb 3, 2026
·Updated
A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands.
Affected Software
3 affected components
Brocade Fabric OS<9.2.1c3, >=9.2.2<9.2.2b
Broadcom Fabric Operating System<9.2.1c3
Broadcom Fabric Operating System>=9.2.2<9.2.2c
Event History
Feb 3, 2026
CVE Published
via MITRE·05:19 AM
Data Sourced
via MITRE·05:19 AM
DescriptionWeakness
Data Sourced
via NVD·06:15 AM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2025-9711?
CVE-2025-9711 has a critical severity level due to the potential for privilege escalation to root by authenticated users.
2
How do I fix CVE-2025-9711?
To fix CVE-2025-9711, upgrade Brocade Fabric OS to version 9.2.1c3 or later, or 9.2.2b or later.
3
Who is affected by CVE-2025-9711?
CVE-2025-9711 affects users running Brocade Fabric OS versions before 9.2.1c3 and between 9.2.2 and 9.2.2b.
4
What actions can be taken to mitigate CVE-2025-9711?
Users should refrain from using the export option of seccertmgmt and seccryptocfg commands until the vulnerability is patched.
5
Is CVE-2025-9711 an exploit or a vulnerability?
CVE-2025-9711 is a vulnerability that allows for potential privilege escalation in compromised systems.