CVE-2025-12774: CWE-312 Cleartext Storage of Sensitive Information in Brocade SANnav
CVE-2025-12774 is a medium severity vulnerability in Brocade SANnav versions before 3.0 involving cleartext storage of sensitive information within the SANnav support save file. The issue arises from a migration script that collects database SQL queries and stores them in the support save file, which can be accessed by an attacker with file access. This exposure could reveal sensitive details such as database table structures and encrypted passwords. Exploitation requires local access to the support save file and high privileges on the system, with no user interaction needed. While no known exploits are currently reported in the wild, the vulnerability poses a risk to confidentiality if the support save file is improperly handled or accessed by unauthorized users. European organizations using Brocade SANnav for storage area network management should be aware of this risk and implement strict access controls and update to version 3.0 or later when available.
AI Analysis
Technical Summary
CVE-2025-12774 is a vulnerability identified in Brocade SANnav, a storage area network management tool, specifically affecting versions prior to 3.0. The root cause is a migration script that, during its operation, collects database SQL queries and stores them in the SANnav support save file. This file, intended for diagnostic and support purposes, inadvertently contains sensitive information including database table details and encrypted passwords. An attacker who gains access to this support save file can extract this information, potentially facilitating further attacks or unauthorized data access. The vulnerability is classified under CWE-312, indicating cleartext storage of sensitive information. Exploitation requires the attacker to have local access to the system with high privileges to obtain the support save file, but does not require user interaction or authentication beyond that. The CVSS 4.0 base score is 4.6 (medium severity), reflecting the limited attack vector (local), but low complexity and no user interaction. No public exploits have been reported to date. The vulnerability impacts confidentiality primarily, with no direct impact on integrity or availability. The exposure of encrypted passwords, while not immediately compromising, could be leveraged if encryption is weak or keys are compromised elsewhere. This vulnerability highlights the importance of secure handling of diagnostic files and sensitive data within enterprise storage management solutions.
Potential Impact
For European organizations, especially those operating large-scale storage area networks using Brocade SANnav, this vulnerability could lead to unauthorized disclosure of sensitive infrastructure information. Exposure of database structures and encrypted passwords could facilitate lateral movement or privilege escalation if attackers combine this information with other vulnerabilities or compromised credentials. Confidentiality breaches could impact compliance with GDPR and other data protection regulations, potentially resulting in legal and financial penalties. Organizations in sectors with critical data storage needs, such as finance, healthcare, and government, may face increased risk due to the sensitivity of their stored data. Although exploitation requires local access with high privileges, insider threats or attackers who have already compromised a system could leverage this vulnerability to deepen their access. The lack of known exploits reduces immediate risk, but the presence of sensitive information in support files remains a persistent security concern.
Mitigation Recommendations
European organizations should implement strict access controls on Brocade SANnav support save files, ensuring only authorized personnel with a legitimate need can access them. Regular audits and monitoring of file access can help detect unauthorized attempts. It is critical to upgrade Brocade SANnav to version 3.0 or later once available, as this version addresses the vulnerability. Until patching is possible, organizations should minimize generation and distribution of support save files and securely delete them after use. Encrypting support save files at rest and in transit can add an additional layer of protection. Additionally, reviewing and hardening privilege management policies to limit high privilege access reduces the risk of exploitation. Organizations should also verify the strength of password encryption mechanisms used by SANnav and consider rotating credentials if exposure is suspected. Finally, integrating this vulnerability into incident response plans will prepare teams to respond promptly if exploitation is detected.
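One way to check a support save file before it is stored or shared, as an added example (not Brocade tooling and not code from this advisory): it flags group/other-accessible permissions and archive members that contain SQL statements. The zip container, the file names and the SQL patterns are assumptions made for illustration.

```python
import os
import re
import stat
import tempfile
import zipfile

# Assumptions: the support save is a zip archive and captured queries look like
# ordinary DDL/DML text; these patterns are illustrative, not Brocade's format.
SQL_LINE = re.compile(
    rb"^\s*(CREATE\s+TABLE|ALTER\s+TABLE|INSERT\s+INTO|UPDATE\s+\w+\s+SET|SELECT\s.+\sFROM)\b",
    re.IGNORECASE | re.MULTILINE,
)
CRED_HINT = re.compile(rb"passw(or)?d|secret|credential", re.IGNORECASE)


def audit_support_save(path):
    """Return a list of (kind, detail) findings for one support save archive."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:  # any group/other permission bit set
        findings.append(("permissions", f"{oct(mode)} allows group/other access"))
    with zipfile.ZipFile(path) as archive:
        for info in archive.infolist():
            data = archive.read(info)
            if SQL_LINE.search(data):
                # SQL that also mentions credential-like columns is higher priority
                kind = "sql+credential" if CRED_HINT.search(data) else "sql"
                findings.append((kind, info.filename))
    return findings


def build_sample(directory):
    """Constructed sample archive; file names and contents are invented."""
    path = os.path.join(directory, "supportsave_sample.zip")
    with zipfile.ZipFile(path, "w") as archive:
        archive.writestr("logs/server.log", "INFO service started\n")
        archive.writestr(
            "migration/queries.log",
            "CREATE TABLE app_user (id INT, password VARCHAR(256));\n"
            "INSERT INTO app_user VALUES (1, 'ENC(placeholder)');\n",
        )
        archive.writestr("migration/schema.log", "ALTER TABLE switch ADD COLUMN wwn TEXT;\n")
    os.chmod(path, 0o644)  # deliberately too permissive for the demo
    return path


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for kind, detail in audit_support_save(build_sample(tmp)):
            print(f"{kind}: {detail}")
```

Any `sql` or `sql+credential` finding on a pre-3.0 installation is a reason to restrict, encrypt or delete the archive rather than pass it on as-is.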
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: brocade
- Date Reserved: 2025-11-05T20:07:09.482Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 69815a2df9fa50a62f75462c
Added to database: 2/3/2026, 2:15:09 AM
Last enriched: 2/10/2026, 11:04:28 AM
Last updated: 3/20/2026, 10:25:43 AM