CVE-2025-7623

Name of the Vulnerable Software and Affected Versions SMASH-CLP shell (affected versions not specified)

Description A stack-based buffer overflow exists in the SMASH-CLP shell. An authenticated attacker with SSH access to the Baseboard Management Controller (BMC) can exploit this issue by providing a crafted SMASH command. This allows the attacker to overwrite the return address and registers, potentially leading to arbitrary code execution on the BMC firmware operating system. The overflow occurs in a 260-byte stack buffer.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.