Buffer overflow vulnerability in “secpolicydelete” command
Description
A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in Brocade Fabric OS secpolicydelete command allows authenticated privileged user to cause denial of service.
Vulnerability
A buffer overflow vulnerability exists in the secpolicydelete command of Brocade Fabric OS. It affects versions before Brocade Fabric OS v9.1.1c and v9.2.0 [1]. The issue occurs when a privileged user executes the secpolicydelete command with crafted input, leading to a buffer overflow condition [1].
Exploitation
An attacker must have authenticated privileged access to the Brocade Fabric OS switch. The attacker triggers the vulnerability by executing the secpolicydelete command with specially crafted input that causes a buffer overflow [1]. No other user interaction or network position is required beyond having administrative credentials.
Impact
Successful exploitation causes the Brocade Fabric OS switch to crash, resulting in a denial of service (DoS). This impacts the availability of the switch and associated network services [1].
Mitigation
Brocade has released fixes in Brocade Fabric OS v9.1.1c, v9.2.0, and v8.2.3e [1]. Users should upgrade to one of these versions or later. The vulnerability was discovered during internal penetration testing [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <9.1.1c