CVE-2022-33185
Published 2022-10-25
Priority: P3 (41), high, 7.8 (CVSS 3.1)
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.32% (23.9th percentile)
Several commands in Brocade Fabric OS before Brocade Fabric OS v9.0.1e, and v9.1.0, use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to trigger stack-based buffer overflows, allowing arbitrary code execution as the root user account.
Affected: 1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | fabric_operating_system | < 9.0.1e | 9.0.1e |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://security.netapp.com/advisory/ntap-20230127-0010/
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2078