LogoFAIL vulnerability, December 2023

Findings:

Supermicro is aware of a potential vulnerability known as “LogoFAIL” in the BIOS firmware. Improper input validation in an image parser library used by BIOS may allow a privileged user to potentially enable escalation of privilege via local access.

CVE:

CVE-2023-39538
Severity: high
CVE-2023-39539
Severity: high

Affected products:

X13-AlderLake	BIOS version with the fix
B4SA1-CPU	3.1
X13SAE	3.1
X13SAE-F	3.1
X13SAN-H/-E/-L/-C	3.1
X13SAQ	3.1
X13SAV-LVDS	3.1
X13SAV-PS	3.1
X13SAZ-F	3.1
X13SAZ-Q	3.1

X13-FishHawk Falls	BIOS version with the fix
X13SRA-TF	2.0a
X13SWA-T(F)	2.0a

X13-RaptorLake	BIOS version with the fix
X13SRN-H/-E/-WOHS	3.1

X13-Catlow	BIOS version with the fix
X13SCL-IF	1.2
X13SCL-F	1.2
X13SCH	1.2
X13SCD-F	1.2
X13SCW	1.2
B4SC1	1.2

R12-ARM Altra (Max)	BIOS version with the fix
R12SPD-A/-M	1.2
R12SPD-R	1.2

X12-Tatlow	BIOS version with the fix
X12STW	1.8
X12STH	1.8
X12STD	1.8
X12STE	1.8
X12STL-IF	1.8
X12STL-F	1.8
B3ST1	1.8

X12/C9-Rocketlake	BIOS version with the fix
X12SAE-5	1.5a
X12SCA-5F	1.5a
C9Z590-CG(W)	1.5a

X12/C9-Cometlake	BIOS version with the fix
X12SAE/X12SCA-F	2.9
X12SCQ	2.9
X12SCV-LVDS	2.9a
X12SCV-W	2.9a
X12SCZ-TLN4F/QF/F	2.9a
C9Z490-PGW	2.9a

X12-Idaville	BIOS version with the fix
X12SDV-SPT4F	1.7
X12SDV-SP6F	1.7
X12SDV-SPT8F	1.7
B3SD1	TBD

X12-TigerLake	BIOS version with the fix
X12STN	1.5

X11-Bakerville	BIOS version with the fix
B2SD2	2.1
X11SDC	2.1
X11SDV-TLN2F	2.1
X11SDV-TP8F	2.1
X11SDW-TP13F	2.1
X11SDW-TP13F+	2.1
X11SDD	1.4b
X11SDS	1.4

X11-Purley	BIOS version with the fix
X11SPi-TF	4.2
X11SPG-TF	4.2
X11SPH-nCT(P)F	4.2
X11SPL-F	4.2
X11SPM-(T)F/TPF	4.2
X11SPW-(C)TF	4.2
X11DPi-N/NT/Ni	4.2
X11DAi-N	4.2
X11DGQ-R	4.0
X11DPG-HGX2	EOL
X11DPG-OT	4.0
X11DPS-RE	4.2
X11DAC	4.2
X11DGO	4.2
X11QPH+	4.2
X11QPL	4.2
X11OPi	4.2
B11DPT	4.2
B11DPE	4.0
B11QPI/-T	4.0
X11DPD-L/M25	4.2
X11DPG-QT (32MB)	4.2
X11DPG-QT (64MB)	4.2
X11DPL-i	4.2
X11DPU	4.2
X11DPU-V	4.2
X11DPU-R	TBD
X11DPX-T	4.2
X11DSC+	4.2
X11DDW-L/N(T)	4.2
X11DPFF-SN	4.2
X11DPFR-S(N)	4.2
X11DPH-T(Q)(F)	4.2
X11DPT-B	4.2
X11DPT-PS	4.2
X11DPU-Z+	4.2
B11SPE	4.2

X11-Greenlow_Server	BIOS version with the fix
X11SSD-F	3.1
X11SSH-(C)TF	3.1
X11SSH-(LN4)F	3.1
X11SSL(-F)	3.1
X11SSL-C/nF	3.1
X11SSM(-F)	3.1
X11SSW-(4)TF	3.1
X11SSW-F	3.1
X11SSA-F/X11SSi-LN4F	3.1
X11SSE-F	3.1
X11SSH-G(T)F-1585(L)	1.8
X11SSV-M4F	3.1
B2SS2-F	3.1
B2SS2-CPU/-(C)F	3.1
B2SS1/2(-H)-MTF	1.8

X11-Greenlow_Workstation	BIOS version with the fix
X11SAE(-F)	4.0
X11SAE-M	4.0
X11SAT-F	4.0
X11SSQ	4.0
X11SSQ-L	4.0
X11SSV-Q/LVDS	4.0
X11SSZ-(Q)F/TLN4F	4.0

X11-Whiskeylake-U	BIOS version with the fix
X11SWN	2.0

X11-Braswell	BIOS version with the fix
X11SBA-LN4F/F	1.2

X11-Mehlow_Server	BIOS version with the fix
X11SCW	2.3
X11SCD	2.3
X11SCM	2.3
X11SCL-LN4F	2.3
X11SCE	2.3
X11SCH	2.3
X11SCL-F	2.3
X11SCL	2.3

X11-Mehlow_Workstation	BIOS version with the fix
X11SCA-F	2.3a
X11SCQ/L	2.3
X11SCV-Q/L	2.3
X11SCZ-F/Q	2.3
B2SC1	1.5c
B2SC2	1.5c
B11SCG-CTF	1.5c
B11SCG-ZTF	1.5c

X11-BasinFalls	BIOS version with the fix
X11SRM-F	2.9
X11SRA/-(R)F	2.9
C9X299-PG(F)/RPGF	2.9
C9X299-PG300	2.9
C9X299-PG300F	2.9
B11SRE	2.8
X11SRi-IF	2.8

X11-Kabylake-U	BIOS version with the fix
X11SSN-H/E/L	2.2

A3-Jacobsville	BIOS version with the fix
A3SPI-4C/8C-LN6PF/HLN4F	1.2
A3SSV-8C/16C/24C-SPLN10F	1.2

A3-ElkHart Lake	BIOS version with the fix
A3SEV	1.5

A2-Denverton	BIOS version with the fix
A2SDi-H-T(P4)F	1.9
A2SDi-HLN4F	1.9
A2SDi-TP8F/LN4F	1.9
A2SDV-LN8F/LN10PF	1.9
A2SDV-TLN5F	1.9
A2SD1-3750F/3955F	1.9

A2-Apollolake	BIOS version with the fix
A2SAN-H/L/E & X11SAN	2.0
A2SAN-LN4-E/C	2.0
A2SAP-H/E/L	2.0
A2SAP-L1	2.0
A2SAV(-L) & X11SAA	2.0

H11-Naples	BIOS version with the fix
H11SSL-i/(N)C	2.8
H11SSW-NT/iN	2.8
H11DSU-I(N)	2.8
H11DSI-(N)T	2.8
H11DST-B	2.8

H11-Rome	BIOS version with the fix
H11SSL-i/(N)C	1.4
H11SSW-NT/iN	1.4
H11DSU-I(N)	1.4
H11DSI-(N)T	1.4
H11DST-B	1.4

H12-Rome/Milan	BIOS version with the fix
H12SSFF-AN6	2.9
H12DST-B	2.9
H12SSG-ANP6	TBD
H12DSI-N6/NT6	2.9
H12SSW-iN/NT	2.9
H12DGO-6	2.9
H12DSG-O-CPU	TBD
H12SSL-i/C/CT/NT	2.9
H12DGQ-NT6	2.9
H12DSG-Q-CPU6	2.9
H12SSW-INR/NTR	2.9
H12SSW-iNL/NTL	2.9
H12SSW-AN6	2.9
H12SST-PS	2.9
H12DSU-iN	2.9
H12DSU-iNR	2.9
H12SSG-AN6	2.9
H12SSFR-AN6	2.9
BH12SSi-M25	TBD

H13-AM5	BIOS version with the fix
H13SAE	1.2
H13SRD	1.2

M12-Chagal	BIOS version with the fix
M12SWA	2.2

M11-Wallaby	BIOS version with the fix
M11SDV-LN4F	1.2

Mitigation:

All products that support Root of Trust (RoT) are not affected by this vulnerability.

Supermicro is currently working on updating BIOS firmware to mitigate this issue. Please check the release notes for resolution.

Exploitation and Public Announcement:

Supermicro is not aware of any public announcements or malicious use of these vulnerabilities that is described in this advisory.

Rackmount Servers

1U Dual Processor

2U Dual Processor

Single Processor

Multi Processor

Product Families

GPU Servers

8U GPU Lines

4U GPU Lines

2U GPU Lines

1U GPU Lines

Twin Servers

FlexTwin™

BigTwin®

GrandTwin®

TwinPro®

Twin

FatTwin®

Blade Servers

SuperBlade®

MicroBlade®

MicroCloud

Storage Servers

All Storage Systems

All-Flash NVMe

Top-Loading Storage

JBOF

Enterprise-Optimized Storage

JBOD Storage Enclosures

Motherboards

Server Boards

Workstation Boards

Embedded / IoT Boards

Desktop / Gaming Boards

Previous Gen.

Motherboard Matrix

Global SKUs

Chassis

1U Chassis

2U Chassis

3U Chassis

4U / Tower Chassis

Mid / Mini-Tower

Embedded / IoT Chassis

Mobile Racks / Drive Kits

JBOD Storage Enclosures

Global SKUs

SuperRack®

Data Center Solution Engineering (DCSE)

Rack Integration Service

Accessories

Cable Matrix

Riser Card Matrix

Storage AOC Matrix

Power Supply Matrix

Heatsink Matrix

System Fan Matrix

Mobile Racks / Drive Kits

Front Chassis Bezels

Storage, I/O, Security

Edge & Telecom Servers

Fanless Edge Systems

Compact Edge Systems

Outdoor Edge Systems

1U Edge Network Systems

5G/Telecom Systems

Embedded Components

Embedded Motherboards

Embedded Chassis

Switches

Adapters

SuperWorkstations

Liquid-Cooled AI Development Platform

Single-Processor

Dual-Processor

Supero™ Gaming Solutions

AI Infrastructure

AI SuperCluster

AI Solutions for Industries

Edge AI