Stack-based Buffer Overflow in Brocade Fabric OS Allows Arbitrary Code Execution

Stack-based Buffer Overflow in Brocade Fabric OS Allows Arbitrary Code Execution

CVE-2021-27790 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Authenticated attackers can abuse this vulnerability to exploit stack-based buffer overflows, allowing execution of arbitrary code as the root user account.

Learn more about our User Device Pen Test.