CVE-2025-4663

EUVD-2025-20681

08.07.2025, 18:15

An Improper Check for Unusual or 
Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a
 could allow an authenticated, network-based attacker to cause a 
Denial-of-Service (DoS).
The
 vulnerability is encountered when supportsave is invoked remotely, 
using ssh command or SANnav inline ssh, and the corresponding ssh 
session is terminated with Control C (^c ) before supportsave 
completion.
This issue affects Brocade Fabric OS 9.0.0 through 9.2.2

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.9 MEDIUM	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 16%

Affected Products (NVD)

Vendor	Product	Version
broadcom	fabric_operating_system	9.0.0 ≤ 𝑥 ≤ 9.2.1b
broadcom	fabric_operating_system	9.2.2

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-754 - Improper Check for Unusual or Exceptional Conditions
The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35815