PT-2025-1580 · Supermicro · Supermicro Mbd-X12Dpg-Oa6

Alexander Tereshkin

Published

2025-02-04

Updated

2025-09-25

CVE-2024-10237

CVSS v3.1

7.2

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

**Name of the Vulnerable Software and Affected Versions**

Supermicro BMC firmware versions (affected versions not specified)

**Description**

The Baseboard Management Controller (BMC) firmware has a flaw in its firmware image authentication design. An attacker can modify the firmware to bypass BMC inspection and the signature verification process. This allows for unauthorized modifications to the BMC firmware.

**Recommendations**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Verification of Cryptographic Signature

Insufficient Verification of Data Authenticity

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-347CWE-345

Related Identifiers

CVE-2024-10237

Affected Products

Supermicro Mbd-X12Dpg-Oa6

PT-2025-1580 · Supermicro · Supermicro Mbd-X12Dpg-Oa6

Weakness Enumeration

Related Identifiers

Affected Products

References · 11