
Broadcom — Vulnerabilities & Security Advisories 88

Browse all 88 CVE security advisories affecting Broadcom. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Broadcom operates as a global infrastructure technology leader, specializing in semiconductor and infrastructure software solutions that power critical enterprise networks, data centers, and broadband connectivity. Its extensive product portfolio, including VMware virtualization and network switching hardware, creates a broad attack surface for potential exploitation. Historically, vulnerabilities within its ecosystem have frequently involved remote code execution, buffer overflows, and privilege escalation flaws, often stemming from complex legacy codebases or misconfigured default settings in embedded systems. Notable security incidents have included critical flaws in network management interfaces and firmware components, which could allow attackers to gain unauthorized access or disrupt service availability. With 88 recorded CVEs, the company’s security posture is heavily scrutinized due to the critical nature of its infrastructure role. Continuous patching and rigorous code auditing remain essential to mitigate risks associated with these diverse software and hardware components in high-stakes environments.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-6392 | Daily Data Dump Collector logs database password in cleartext when running docker exec commands (CVE-2025-6392) | Brocade SANnav | CWE-532 | 6.2 (AI) | Medium (AI) | 2025-07-10 |
| CVE-2025-6390 | Cleartext storage of sensitive information in Brocade SANnav server audit logs. | Brocade SANnav | CWE-497 | 5.5 (AI) | Medium (AI) | 2025-07-10 |
| CVE-2025-4662 | Plaintext security passwords are logged in the audit logs while executing openssl cmd | Brocade SANnav | CWE-497 | 5.5 (AI) | Medium (AI) | 2025-07-10 |
| CVE-2025-4663 | Denial-of-Service (DoS) after Unusual or Exceptional Conditions vulnerability | Brocade Fabric OS | CWE-754 | 6.5 (AI) | Medium (AI) | 2025-07-08 |
| CVE-2025-24508 | Offline Extraction of Account Connectivity Credentials (ACCs) in IT Management Suite | Symantec IT Management Suite | - | 6.4 | Medium | 2025-07-07 |
| CVE-2025-5333 | Unauthenticated Remote Code Execution in IT Management Suite | Symantec IT Management Suite | - | 9.8 | - | 2025-07-06 |
| CVE-2025-24919 | Dell ControlVault3/ControlVault3 Plus deserialization of untrusted input vulnerability | BCM5820X | CWE-502 | 8.1 | High | 2025-06-13 |
| CVE-2025-25215 | Dell ControlVault3/ControlVault3 Plus cv_close arbitrary free vulnerability | BCM5820X | CWE-763 | 8.8 | High | 2025-06-13 |
| CVE-2025-25050 | Dell ControlVault3/ControlVault3 Plus cv_upgrade_sensor_firmware out-of-bounds write vulnerability | BCM5820X | CWE-787 | 8.8 | High | 2025-06-13 |
| CVE-2025-24922 | Dell ControlVault3/ControlVault3 Plus securebio_identify stack-based buffer overflow vulnerability | BCM5820X | CWE-121 | 8.8 | High | 2025-06-13 |
| CVE-2025-24311 | Dell ControlVault3/ControlVault3 Plus cv_send_blockdata out-of-bounds read vulnerability | BCM5820X | CWE-125 | 8.4 | High | 2025-06-13 |
| CVE-2025-4971 | Broadcom Automic Automation Agent Unix privilege escalation | Automic Automation | CWE-426 | 7.8 (AI) | High (AI) | 2025-05-19 |
| CVE-2025-24507 | Broadcom Symantec Privileged Access Management security vulnerability | Symantec Privileged Access Management | - | 6.7 | - | 2025-01-30 |
| CVE-2025-24506 | Broadcom Symantec Privileged Access Management security vulnerability | Symantec Privileged Access Management | - | 5.3 | - | 2025-01-30 |
| CVE-2025-24505 | Broadcom Symantec Privileged Access Management security vulnerability | Symantec Privileged Access Management | - | 7.2 | - | 2025-01-30 |
| CVE-2025-24504 | Broadcom Symantec Privileged Access Management security vulnerability | Symantec Privileged Access Management | CWE-20 | - | - | 2025-01-30 |
| CVE-2025-24503 | Broadcom Symantec Privileged Access Management security vulnerability | Symantec Privileged Access Management | - | 7.1 | - | 2025-01-30 |
| CVE-2025-24502 | Broadcom Symantec Privileged Access Management security vulnerability | Symantec Privileged Access Management | - | 8.2 | - | 2025-01-30 |
| CVE-2025-24501 | Broadcom Symantec Privileged Access Management security vulnerability | Symantec Privileged Access Management | CWE-20 | 5.3 | - | 2025-01-30 |
| CVE-2025-24500 | Broadcom Symantec Privileged Access Management security vulnerability | Symantec Privileged Access Management | - | 7.5 | - | 2025-01-30 |
| CVE-2024-38499 | Improper Privilege Management Vulnerability in CA Client Automation 14.5 | CA Client Automation (ITCM) | CWE-269 | 6.5 | - | 2024-12-17 |
| CVE-2024-38496 | Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability | Symantec Privileged Access Management | - | 4.3 | - | 2024-07-15 |
| CVE-2024-38495 | Symantec Privileged Access Manager User Enumeration vulnerability | Symantec Privileged Access Management | - | 5.3 | - | 2024-07-15 |
| CVE-2024-38494 | Symantec Privileged Access Manager Remote Command Execution vulnerability | Symantec Privileged Access Management | - | 7.2 | - | 2024-07-15 |
| CVE-2024-38493 | Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability | Symantec Privileged Access Management | - | 6.1 | - | 2024-07-15 |
| CVE-2024-38492 | Symantec Privileged Access Manager Remote Command Execution vulnerability | Symantec Privileged Access Management | - | 9.8 | - | 2024-07-15 |
| CVE-2024-38491 | Symantec Privileged Access Manager SQL Injection vulnerability | Symantec Privileged Access Management | - | 7.5 | - | 2024-07-15 |
| CVE-2024-36458 | Symantec Privileged Access Manager Privilege Escalation vulnerability | Symantec Privileged Access Management | - | 8.1 | - | 2024-07-15 |
| CVE-2024-36457 | Symantec Privileged Access Manager Authentication Bypass vulnerability | Symantec Privileged Access Management | - | 9.8 | - | 2024-07-15 |
| CVE-2024-36456 | Symantec Privileged Access Manager Remote Command Execution vulnerability | Symantec Privileged Access Management | - | 9.8 | - | 2024-07-15 |

This page lists every published CVE security advisory associated with Broadcom. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.