Vulnerability Disclosure:
The purpose of this disclosure is to communicate the potential vulnerabilities affecting Supermicro products that were reported by an external researcher.
Acknowledgement:
Supermicro would like to acknowledge the work done by the researcher from JAMK University of Applied Sciences, Finland for discovering potential vulnerabilities in Supermicro BMC IPMI Firmware.
Summary:
A number of security issues have been discovered in select Supermicro boards. These issues may affect the web server component of BMC IPMI.
| CVE Number | Description | Severity |
|---|---|---|
| IPMI BMC SSDP/UPnP web server directory traversal and iKVM access allowing the rebooting of the host | High | |
| IPMI BMC administrative web interface virtual floppy/USB remote command execution | High | |
| IPMI BMC devices use hardcoded configuration file encryption keys, allowing the attacker to craft and upload a malicious configuration file packages to gain remote command execution | High |
Affected products:
Supermicro BMC in select X11, M11, X12, H12, B12, X13, H13, B13 and C9X299 motherboards.
Remediation:
Affected Supermicro motherboard SKUs will require a BMC update to mitigate these potential vulnerabilities.
An updated BMC firmware has been created to mitigate these potential vulnerabilities. Please check BMC Firmware update and the release notes for the resolution and contact technical support for further details.
As an immediate workaround to reduce the attack surface, it is advised to follow the BMC Configuration Best Practices Guide and configure session timeout.
Exploitation and Public Announcements:
Supermicro is not aware of any public announcements or malicious use of these vulnerabilities that is described in this advisory.