Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Brocade Fabric OS Code Execution Vulnerability with Root Privileges

Vulnerability

A code injection vulnerability has been identified in Brocade Fabric OS versions 9.1.0 through 9.1.1d6. Root access has been removed in these versions, but a local user with admin privileges can still execute arbitrary code with full root privileges. Exploitation relies on a flaw in IP address validation, which allows the user to run any existing Fabric OS command or to modify the operating system by adding custom subroutines. Although this vulnerability requires valid access to an admin role, it has been actively exploited in the field.

Impact

Exploitation of this vulnerability allows for arbitrary code execution with root privileges on the affected system.

Remediation

Users are advised to upgrade to Brocade Fabric OS version 9.1.1d7, which addresses this vulnerability. For those using versions prior to 9.1.0, the switch ADMIN role can directly access root, so an upgrade to a version that removes root access is recommended where possible.
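
A fleet triage based on the version ranges above, as an added example that is not part of the advisory or of any Brocade tooling. The version-string layout (major.minor.patch, optional letter, optional number) and the switch names are assumptions, and the inventory is constructed.

```python
import re

# Assumed Fabric OS version layout: major.minor.patch, optional letter,
# optional trailing number (e.g. "v9.1.1d6"). Other layouts are rejected.
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)([a-z]?)(\d*)$")

FIRST_AFFECTED = "9.1.0"   # lower bound stated in the advisory
LAST_AFFECTED = "9.1.1d6"  # upper bound stated in the advisory

def version_key(text):
    """Turn a version string into a tuple that sorts in release order."""
    m = VERSION_RE.match(text.strip().lower())
    if m is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, letter, number = m.groups()
    return (int(major), int(minor), int(patch),
            ord(letter) - ord("a") + 1 if letter else 0,
            int(number) if number else 0)  # numeric, so d10 sorts after d6

def classify(text):
    """Map a version string to one of the states the advisory describes."""
    try:
        key = version_key(text)
    except ValueError:
        return "unknown"                 # needs manual review
    if key < version_key(FIRST_AFFECTED):
        return "admin-has-root"          # pre-9.1.0: ADMIN can access root
    if key <= version_key(LAST_AFFECTED):
        return "affected"                # upgrade to 9.1.1d7
    return "not-listed-as-affected"

def triage(inventory):
    """Group switch names by status."""
    groups = {}
    for name, version in inventory.items():
        groups.setdefault(classify(version), []).append(name)
    return groups

# Constructed sample inventory (hypothetical switch names).
INVENTORY = {
    "san-core-01": "v9.1.1d6",
    "san-core-02": "v9.1.1d7",
    "san-edge-01": "v9.0.1e",
    "san-edge-02": "v9.1.0b",
    "san-lab-01": "unknown-build",
}

if __name__ == "__main__":
    for status, names in sorted(triage(INVENTORY).items()):
        print(f"{status}: {', '.join(names)}")
```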

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 7.5
exploitability: 5.2
remediation: 7.7
relevance: 0.0
threat: 8.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.