PT-2025-1580 · Supermicro · Supermicro Mbd-X12Dpg-Oa6

Alexander Tereshkin

Publicado

2025-02-04

Atualizado

2025-09-29

CVE-2024-10237

CVSS v3.1

7.2

Alta

Vetor

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Supermicro BMC firmware versions (affected versions not specified)

Description The Baseboard Management Controller (BMC) firmware has a flaw in its firmware image authentication design. An attacker can modify the firmware to bypass BMC inspection and the signature verification process. This allows for unauthorized modifications to the BMC firmware.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Verification of Cryptographic Signature

Insufficient Verification of Data Authenticity

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-347CWE-345

Identificadores relacionados

CVE-2024-10237

Produtos afetados

Supermicro Mbd-X12Dpg-Oa6

PT-2025-1580 · Supermicro · Supermicro Mbd-X12Dpg-Oa6

CVE-2024-10237

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12