CVE-2025-7937

Name of the Vulnerable Software and Affected Versions Supermicro BMC firmware versions (affected versions not specified)

Description An issue exists in the Supermicro BMC firmware validation logic on Supermicro MBD-X12STW. An attacker can update the system firmware with a specially crafted image. Exploitation of this issue may allow a remote attacker to install and execute a malformed BMC firmware update image, potentially creating persistent backdoors. The vulnerability relates to errors in the cryptographic signature verification process within the BMC web interface.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.