The Supermicro Security Center is the established source for product security updates and information from Supermicro, a global leader in enterprise computing, storage, networking, and green computing technology. We strive for continuous improvement in our security practices.
The security of our customers is a top priority; hence we have put measures in place to safeguard the operation of your Supermicro servers and storage systems. Servers and storage systems today are becoming more versatile yet more complex, and they need to be secured. In response to threat actors, Supermicro is developing defense mechanisms to protect users and customers and thus bring our security knowledge to the highest in the industry. Supermicro recognizes that customers expect to deploy products that meet high security standards; therefore, our response is designed for the highest level of protection.
Supermicro recommends that you follow security best practices, including keeping your operating system up-to-date and running the latest versions of firmware and all software.
Report a Product Security Issue
If you have encountered a security issue with a Supermicro product, please send an e-mail to secure@supermicro.com with the following details:
- Product name/SKU
- Detailed report on the vulnerability
- Instructions to reproduce
- Any relevant CVEs
Please do not include any sensitive or confidential information in clear-text emails; use the PGP key to encrypt your message. The Supermicro Product Security Team will review your report and contact you to jointly resolve the issue.
Supermicro regards the security of your data center with the highest importance. Supermicro is providing a list of standards and specifications for the newly released X12 and H12 family of servers and storage systems. These built-in capabilities will serve as a guideline for establishing secure operations within your data center. Review the list below.
Category | Security Specifications | Intel X12 Products | AMD H12 Products |
---|---|---|---|
Hardware | Root of Trust | ✔ | ✔ |
Hardware | Chassis Intrusion Protection | ✔ | ✔ |
Hardware | TPM 2.0 | ✔ | ✔ |
Hardware | Intel Boot Guard | ✔ | |
Hardware | Intel® Software Guard Extensions (Intel® SGX)¹ | ✔ | |
BIOS/BMC | Secure Boot | ✔ | ✔ |
BIOS/BMC | Secure Drive Erase | ✔ | ✔ |
BIOS/BMC | Secure Flash | ✔ | ✔ |
BIOS/BMC | Cryptographically signed firmware | ✔ | ✔ |
BIOS/BMC | Secure Redfish API | ✔ | ✔ |
BIOS/BMC | Password Security | ✔ | ✔ |
BIOS/BMC | USB dynamic enable/disable | ✔ | |
BIOS/BMC | HDD Password | ✔ | ✔ |
Standards | NIST SP 800-193 | ✔ | ✔ |
Standards | NIST SP 800-147b | ✔ | ✔ |
Standards | NIST SP 800-88 | ✔ | ✔ |
Notes:
- Certain features may not apply to all products
- 1 On select models and configurations
The Baseboard Management Controller (BMC) provides remote access to multiple users at different locations for networking. The BMC allows a system administrator to monitor system health and manage computer events remotely. The BMC is used with an Intelligent Platform Management Interface (IPMI) management utility, which makes it possible to control and monitor servers centrally. For BMC security features, please see the Security Specs tab.
Intel Platform Update (IPU) Update 2023.1, February 2023
This update applies to the X11, X12, and X13 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00700 – 2023.1 IPU – Intel® Atom® and Intel® Xeon® Scalable Processors Advisory
- INTEL-SA-00717 – 2023.1 IPU – BIOS Advisory
- INTEL-SA-00718 – 2023.1 IPU – Intel® Chipset Firmware Advisory
- INTEL-SA-00730 – 2023.1 IPU – 3rd Gen Intel® Xeon® Scalable Processors Advisory
- INTEL-SA-00738 – 2023.1 IPU – Intel® Xeon® Processor Advisory
- INTEL-SA-00767 – 2023.1 IPU – Intel® Processor Advisory
Voltage Regulator Module (VRM) and Inter-Integrated Circuit (I²C) Overvolting/Undervolting, January 2023
Researchers have identified a vulnerability in the Baseboard Management Controller (BMC) which may allow the voltage to be changed to values outside the specified operating range for the CPU and therefore affect normal computations.
- CVE-2022-43309
AMD Security Vulnerabilities, January 2023
This update applies to the H11 and H12 families of products powered by 1st/2nd/3rd/4th Gen AMD EPYC™ Processors. This update also applies to the M12 family of products powered by the Ryzen™ Threadripper™ processor. Potential vulnerabilities in various platform components were discovered and have been mitigated in AMD EPYC™ and AMD Ryzen™ AGESA™ PI packages.
- AMD-SN-1031 - AMD Client Vulnerabilities – January 2023
- AMD-SN-1032 - AMD Server Vulnerabilities – January 2023
Intel Platform Update (IPU) Update 2022.3, November 2022
This update applies to the X11 and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00610 - 2022.3 IPU – Intel® Chipset Firmware Advisory
- INTEL-SA-00668 - 2022.2 IPU – BIOS Advisory
OpenSSL Advisory, November 2022
OpenSSL versions from 3.x through 3.0.6 are affected by a high-severity security vulnerability that can lead to a crash or unexpected behavior. Supermicro products are not affected by this OpenSSL vulnerability.
- CVE-2022-3786
- CVE-2022-3602
Microsoft Windows Secure Boot Bypass, August 2022
Researchers have identified several vulnerabilities in Microsoft’s third-party bootloaders that can affect all computer systems using x64 UEFI Secure Boot.
- CVE-2022-34301
- CVE-2022-34302
- CVE-2022-34303
Intel Platform Update (IPU) Update 2022.2, August 2022
This update applies to the X11 and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00657 - 2022.2 IPU – Intel® Processor Advisory
- INTEL-SA-00669 - 2022.2 IPU – Intel® Chipset Firmware Advisory
- INTEL-SA-00686 - 2022.2 IPU – BIOS Advisory
Intel Platform Update (IPU) Update 2022.1, June 2022
This update applies to the X10, X11, and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00601 - 2022.1 IPU – BIOS Advisory
- INTEL-SA-00613 - 2022.1 IPU – Intel® Boot Guard and Intel® TXT Advisory
- INTEL-SA-00614 - 2022.1 IPU – Intel® SGX Advisory
- INTEL-SA-00615 - 2022.1 IPU – Intel® Processors MMIO Stale Data Advisory
- INTEL-SA-00616 - 2022.1 IPU – Intel® Xeon Advisory
- INTEL-SA-00617 - 2022.1 IPU – Intel® Processor Advisory
AMD Security Vulnerabilities, May 2022
This update applies to the H11 and H12 families of products powered by 1st/2nd/3rd Gen AMD EPYC™ Processors. This update also applies to the M12 family of products powered by the Ryzen™ Threadripper™ processor. Potential vulnerabilities in various platform components were discovered and have been mitigated in AMD EPYC™ and AMD Ryzen™ AGESA™ PI packages.
- AMD-SN-1027 - AMD Client Vulnerabilities – May 2022
- AMD-SN-1028 - AMD Server Vulnerabilities – May 2022
Intel Platform Update (IPU) Update 2021.2, February 2022
This update applies to the X10, X11, and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00470 - 2021.2 IPU – Intel® Chipset Firmware Advisory
- INTEL-SA-00527 - 2021.2 IPU – BIOS Advisory
- INTEL-SA-00532 - 2021.2 IPU – Intel® Processor Breakpoint Control Flow Advisory
- INTEL-SA-00561 - 2021.2 IPU – Intel® Processor Advisory
- INTEL-SA-00589 - 2021.2 IPU – Intel Atom® Processor Advisory
Supermicro’s response to Apache Log4j vulnerability
Supermicro is aware and joins the industry to mitigate the exposure caused by the high-priority CVE-2021-44228 (Apache Log4j 2) issue, also coined as “Log4Shell”, the CVE-2021-45046 (Apache Log4j 2) issue, and the CVE-2021-45105 (Apache Log4j 2) issue. Supermicro is also aware of the CVE-2021-4104 and CVE-2019-17571 issues for Apache Log4j 1.2.
Most Supermicro applications are not impacted by these five vulnerabilities. The only impacted application is Supermicro Power Manager (SPM). The issue will be addressed in a new version of Supermicro Power Manager (SPM) with the release pending ASAP. SPM will come with Log4j version 2.17.0.
Log4j 2
- CVE-2021-44228
- CVE-2021-45046
- CVE-2021-45105
Log4j 1.2
- CVE-2019-17571
- CVE-2021-4104
Intel Platform Update (IPU) Update 2021.2, November 2021
This update applies to the X10, X11, and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00528 - 2021.2 IPU – Intel® Atom® Processor Advisory
- INTEL-SA-00562 - 2021.1 IPU – BIOS Reference Code Advisory
AMD Security Vulnerabilities, November 2021
This update applies to the H11 and H12 families of products powered by 1st/2nd/3rd Gen AMD EPYC™ Processors. Potential vulnerabilities in various platform components were discovered and have been mitigated in AMD EPYC™ AGESA™ PI packages.
- AMD-SN-1021 - AMD Server Vulnerabilities – November 2021
Intel Security Advisory Intel-SA-00525, July 2021
- INTEL-SA-00525 – Intel BSSA (BIOS Shared SW Architecture) DFT Advisory
Intel-SA-00525 Security Advisory does not affect Supermicro BIOS.
Intel Platform Update (IPU) Update 2021.1, June 2021
This update applies to the X10, X11, and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00442 - 2021.1 IPU – Intel VT-d Advisory
- INTEL-SA-00459 - 2021.1 IPU – Intel-CSME-SPS-TXE-DAL-AMT-Advisory
- INTEL-SA-00463 - 2021.1 IPU – BIOS Advisory
- INTEL-SA-00464 - 2021.1 IPU – Intel Processor Advisory
- INTEL-SA-00465 - 2021.1 IPU – Intel Processor Advisory
Supermicro’s response to Trickboot vulnerability, March 2021
Supermicro is aware of the Trickboot issue which is observed only with a subset of the X10 UP motherboards. Supermicro will be providing a mitigation for this vulnerability.
TrickBoot is a new functionality within the TrickBot malware toolset capable of discovering vulnerabilities and enabling attackers to read/write/erase the BIOS on the device.
BIOS detects GRUB2 boot loader vulnerability in Linux OS, November 2020
A flaw was found in GRUB2 prior to version 2.06. An attacker may use the GRUB2 flaw to hijack and tamper with the GRUB verification process. The BIOS will detect this condition and halt the boot with an error message.
- CVE-2020-10713
Intel Platform Update (IPU) Update 2020.2, November 2020
This update applies to the X10, X11, and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00358 – 2020.2 IPU – BIOS Advisory
- INTEL-SA-00391 – 2020.2 IPU – Intel® CSME, SPS, TXE, and AMT Advisory
- INTEL-SA-00389 – 2020.2 IPU – Intel® RAPL Advisory
- INTEL-SA-00390 – Intel BIOS Platform Sample Code Advisory
Intel Monthly September Security Update, September 2020
This update applies to the X11 and X12 families of products powered by Intel Core® processors. Intel Monthly September Security Update combines the delivery of security updates that may have been previously provided individually.
Please note that the X10 family of products is not affected by this announcement.
- Intel-SA-00404 – Intel® AMT and Intel® ISM Advisory
Intel Platform Update (IPU) Update 2020.1, June 2020
This update applies to the X10 and X11 families of products powered by Intel Xeon® processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.
- Intel-SA-00295 – Intel® CSME, SPS, TXE, AMT and DAL Advisory
- Intel-SA-00320 – Special Register Buffer Data Sampling Advisory
- Intel-SA-00322 – 2020.1 IPU BIOS Advisory
- Intel-SA-00329 – Intel® Processors Data Leakage Advisory
- Intel-SA-00260 – (updated) Intel® Processor Graphics 2019.2 QSR Update Advisory
Lot 9 of ErP (Eco-design) Compliance
Lot 9 regulations are a new set of product standards that deal with data storage devices such as enterprise-level servers. Learn how Supermicro meets European Union (EU) Eco-design requirements for servers and storage products as part of Lot 9 Compliance.
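Intel Monthly February Security Update, February 2020
This update applies to the X11 family of products powered by Intel® Core® processors. Intel Monthly February Security Update combines the delivery of security updates that may have been previously provided individually.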
- Intel-SA-00307 – Escalation of Privilege, Denial of Service, Information Disclosure
Intel BIOS Update, INTEL-SA-00329, January 2020
- Intel-SA-00329 – Intel® Processors Data Leakage Advisory
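Intel Monthly December Security Update, December 2019
This update applies to the X10 and X11 families of products powered by Intel® Xeon® processors. Intel Monthly December Security Update combines the delivery of security updates that may have been previously provided individually.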
- Intel-SA-00289 – Intel® Processors Voltage Settings Modification Advisory
- Intel-SA-00317 – Unexpected Page Fault in Virtualized Environment Advisory
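BMC Unique Password Security Feature, November 2019
Supermicro has implemented a new security feature in the BMC firmware stack for all new X10, X11, H11, H12, and all next-generation Supermicro products. Supermicro has introduced a unique password for the BMC.
Intel Platform Update (IPU) Update 2019.2, November 2019
This update applies to the X10 and X11 families of products powered by Intel® Xeon® processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.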
- Intel-SA-00164 – Intel® Trusted Execution Technology 2019.2 IPU Advisory
- Intel-SA-00219 – Intel® SGX 2019.2 with Intel® Processor Graphics IPU Update Advisory
- Intel-SA-00220 – Intel® SGX and Intel® TXT Advisory
- Intel-SA-00240 – Intel CPU Local Privilege Escalation Advisory
- Intel-SA-00241 – Intel® CSME, Server Platform Services, Trusted Execution Engine, Intel® Active Management Technology and Dynamic Application Loader 2019.2 IPU Advisory
- Intel-SA-00254 – Intel® System Management Mode 2019.2 IPU Advisory
- Intel-SA-00260 – Intel® Processor Graphics 2019.2 IPU Advisory
- Intel-SA-00270 – TSX Transaction Asynchronous Abort Advisory
- Intel-SA-00271 – Voltage Modulation Technical Advisory
- Intel-SA-00280 – BIOS 2019.2 IPU Advisory
BMC/IPMI Security Vulnerability Update, September 3, 2019
Researchers have identified security-related issues in the virtual media function of Supermicro BMCs. A BMC firmware update is required to address them.
CVE-2019-16649
CVE-2019-16650
AMD Security Vulnerability: Secure Encrypted Virtualization Invalid ECC Curve Points (SEV ECC) associated with a Linux operating system vulnerability
CVE-2019-9836
Intel security vulnerability regarding Rowhammer-style attacks that leak information from certain DRAM modules
Intel-SA-00247 (CVE-2019-0174)
Intel Quarterly Security Release (QSR) Update 2019.1, May 2019
This update applies to the X8, X9, X10, and X11 families of products powered by Intel® Xeon® processors. Quarterly Security Release (QSR) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00213 (CVE-2019-0089, CVE-2019-0090, CVE-2019-0086, CVE-2019-0091, CVE-2019-0092, CVE-2019-0093, CVE-2019-0094, CVE-2019-0096, CVE-2019-0097, CVE-2019-0098, CVE-2019-0099, CVE-2019-0153, CVE-2019-0170)
- INTEL-SA-00223 BIOS Not Affected
- INTEL-SA-00233 (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)
BIOS updates addressing these issues are now available. See the details below for affected products and the required BIOS updates.
Intel Quarterly Security Release (QSR) Update 2018.4, March 2019
This update applies only to the X11 family of products powered by Intel® Xeon® processors. Quarterly Security Release (QSR) combines the delivery of security updates that may have been previously provided individually.
- INTEL-SA-00185 (CVE-2018-12188, CVE-2018-12189, CVE-2018-12190, CVE-2018-12191, CVE-2018-12192, CVE-2018-12199, CVE-2018-12198, CVE-2018-12200, CVE-2018-12187, CVE-2018-12196, CVE-2018-12185, CVE-2018-12208)
- INTEL-SA-00191 (CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12205, CVE-2018-12204)
"Spoiler": New research article on speculative execution in Intel processors
Baseboard Management Controller (BMC) security vulnerability related to systems using the ASPEED AST2400 and AST2500 system-on-chip (SoC)
- CVE-2019-6260
Spectre/Meltdown side-channel speculative execution
- Intel SA-00115 (CVE-2018-3639, CVE-2018-3640)
- Intel-SA-00088 (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
- Intel-SA-00161 (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646)
Intel security vulnerabilities regarding Intel® Management Engine (ME), Intel® Server Platform Services (SPS), and Intel® Trusted Execution Engine (TXE)
- Intel-SA-00086 (CVE-2017-5705, CVE-2017-5708, CVE-2017-5711, CVE-2017-5712, CVE-2017-5706, CVE-2017-5709, CVE-2017-5707, CVE-2017-571000)
Common Security FAQs: Choose category "Security"
Get connected with product security updates from Supermicro
Subscribe today
In order to initiate a subscription to receive future Supermicro Security alerts please take the following steps:
1. Go to the upper right portion of your screen and sign in or create a Single Sign-On (SSO) account:

2. Select “Manage Email Preferences”

3. Check “Security Update Notifications”
