CVE-2018-13787 - Vulnerability Details

Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00159.

Key SSVC decision points have not yet been added.

Vendors	Products
Supermicro Subscribe	A1sa Subscribe A1sa Firmware Subscribe A1sai Subscribe A1sai1 Subscribe A1sai1 Firmware Subscribe A1sai Firmware Subscribe A1sam Subscribe A1sam Firmware Subscribe A1srm Subscribe A1srm Firmware Subscribe A2san Subscribe A2san Firmware Subscribe A2sap Subscribe A2sap Firmware Subscribe A2sav Subscribe A2sav Firmware Subscribe B10drg Subscribe B10drg Firmware Subscribe B10dri Subscribe B10dri Firmware Subscribe B10drt Subscribe B10drt Firmware Subscribe B1dri Subscribe B1dri Firmware Subscribe B1sa4 Subscribe B1sa4 Firmware Subscribe B1sd2tf Subscribe B1sd2tf Firmware Subscribe C7b250 Subscribe C7b250 Firmware Subscribe C7h270 Subscribe C7h270 Firmware Subscribe C7q270 Subscribe C7q270 Firmware Subscribe C7x99oc Subscribe C7x99oc Firmware Subscribe C7z170 Subscribe C7z170 Firmware Subscribe C7z170o Subscribe C7z170o Firmware Subscribe C7z170oce Subscribe C7z170oce Firmware Subscribe C7z270c Subscribe C7z270c Firmware Subscribe C7z270cg Subscribe C7z270cg Firmware Subscribe C7z270l Subscribe C7z270l Firmware Subscribe C7z270m Subscribe C7z270m Firmware Subscribe C7z270p Subscribe C7z270p Firmware Subscribe C7z370i Subscribe C7z370i Firmware Subscribe C7z370l Subscribe C7z370l Firmware Subscribe C7z87oc Subscribe C7z87oc Firmware Subscribe C7z97mf Subscribe C7z97mf Firmware Subscribe C7z97oc Subscribe C7z97oc Firmware Subscribe C9x299 Subscribe C9x299 Firmware Subscribe K1spes Subscribe K1spes Firmware Subscribe K1spi Subscribe K1spi Firmware Subscribe X10dai Subscribe X10dai Firmware Subscribe X10dal Subscribe X10dal Firmware Subscribe X10dali Subscribe X10dali Firmware Subscribe X10dax Subscribe X10dax Firmware Subscribe X10ddw3 Subscribe X10ddw3 Firmware Subscribe X10ddw4 Subscribe X10ddw4 Firmware Subscribe X10ddwi Subscribe X10ddwi Firmware Subscribe X10ddwn Subscribe X10ddwn Firmware Subscribe X10dgo Subscribe X10dgo Firmware Subscribe X10drc Subscribe X10drc Firmware Subscribe X10drd Subscribe X10drd Firmware Subscribe X10drdl Subscribe X10drdl Firmware Subscribe X10drff Subscribe X10drff Firmware Subscribe X10drfg Subscribe X10drfg Firmware Subscribe X10drfr Subscribe X10drfr Firmware Subscribe X10drg Subscribe X10drg Firmware Subscribe X10drgh Subscribe X10drgh Firmware Subscribe X10drgo Subscribe X10drgo Firmware Subscribe X10drh Subscribe X10drh4 Subscribe X10drh4 Firmware Subscribe X10drh Firmware Subscribe X10dri1 Subscribe X10dri1 Firmware Subscribe X10drl Subscribe X10drl Firmware Subscribe X10drlc Subscribe X10drlc Firmware Subscribe X10drln Subscribe X10drln Firmware Subscribe X10drs Subscribe X10drs Firmware Subscribe X10drt Subscribe X10drt Firmware Subscribe X10drtb Subscribe X10drtb Firmware Subscribe X10drth Subscribe X10drth Firmware Subscribe X10drtl Subscribe X10drtl Firmware Subscribe X10drtps Subscribe X10drtps Firmware Subscribe X10drts Subscribe X10drts Firmware Subscribe X10dru Subscribe X10dru Firmware Subscribe X10drul Subscribe X10drul Firmware Subscribe X10drux Subscribe X10drux Firmware Subscribe X10drw Subscribe X10drw Firmware Subscribe X10drwn Subscribe X10drwn Firmware Subscribe X10drx Subscribe X10drx Firmware Subscribe X10dsc Subscribe X10dsc Firmware Subscribe X10dscp Subscribe X10dscp Firmware Subscribe X10dsn Subscribe X10dsn Firmware Subscribe X10qrh Subscribe X10qrh Firmware Subscribe X10sba Subscribe X10sba Firmware Subscribe X10sddf Subscribe X10sddf Firmware Subscribe X10sde Subscribe X10sde Firmware Subscribe X10sdvf Subscribe X10sdvf Firmware Subscribe X10sdvt Subscribe X10sdvt Firmware Subscribe X10sra Subscribe X10sra Firmware Subscribe X10srd Subscribe X10srd Firmware Subscribe X10srg Subscribe X10srg Firmware Subscribe X10srh Subscribe X10srh Firmware Subscribe X10sri Subscribe X10sri Firmware Subscribe X10srl Subscribe X10srl Firmware Subscribe X10srm Subscribe X10srm Firmware Subscribe X10srw Subscribe X10srw Firmware Subscribe X11sae Subscribe X11sae Firmware Subscribe X11sae M Subscribe X11sae M Firmware Subscribe X11sat Subscribe X11sat Firmware Subscribe X11sba Subscribe X11sba Firmware Subscribe X11sra Subscribe X11sra Firmware Subscribe X11srm Subscribe X11srm Firmware Subscribe X11ssn Subscribe X11ssn Firmware Subscribe X11ssq Subscribe X11ssq Firmware Subscribe X11ssql Subscribe X11ssql Firmware Subscribe X11ssv Subscribe X11ssv Firmware Subscribe X11ssz Subscribe X11ssz Firmware Subscribe X8sia Subscribe X8sia Firmware Subscribe X8sie Subscribe X8sie Firmware Subscribe X8sil Subscribe X8sil Firmware Subscribe X8sit Subscribe X8sit Firmware Subscribe X8siu Subscribe X8siu Firmware Subscribe X9dbl Subscribe X9dbl Firmware Subscribe X9drf Subscribe X9drf Firmware Subscribe X9drffp Subscribe X9drffp Firmware Subscribe X9drgqf Subscribe X9drgqf Firmware Subscribe X9drth Subscribe X9drth Firmware Subscribe X9sae Subscribe X9sae Firmware Subscribe

Configuration 1 [-]

AND

cpe:2.3:o:supermicro:x11ssz_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11ssz:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:supermicro:x11ssv_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11ssv:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:supermicro:x11ssql_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11ssql:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:supermicro:x11ssq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11ssq:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:supermicro:x11ssn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11ssn:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:supermicro:x11srm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11srm:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:supermicro:x11sra_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11sra:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:supermicro:x11sba_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11sba:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:supermicro:x11sat_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11sat:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:supermicro:x11sae_m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11sae_m:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:supermicro:x11sae_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x11sae:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:supermicro:x10srw_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10srw:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:supermicro:x10srm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10srm:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:supermicro:x10srl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10srl:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:supermicro:x10sri_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10sri:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:supermicro:x10srh_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10srh:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:supermicro:x10srg_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10srg:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:supermicro:x10srd_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10srd:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:supermicro:x10sra_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10sra:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:supermicro:x10sdvt_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10sdvt:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:supermicro:x10sdvf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10sdvf:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:supermicro:x10sde_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10sde:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:supermicro:x10sddf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10sddf:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:supermicro:x10sba_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10sba:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:supermicro:x10qrh_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10qrh:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:supermicro:x10dsn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dsn:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:supermicro:x10dscp_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dscp:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:supermicro:x10dsc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dsc:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:supermicro:x10drx_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drx:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:supermicro:x10drwn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drwn:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:supermicro:x10drw_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drw:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:supermicro:x10drux_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drux:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:supermicro:x10drul_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drul:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:supermicro:x10dru_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dru:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:supermicro:x10drts_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drts:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:supermicro:x10drtps_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drtps:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:supermicro:x10drtl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drtl:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:supermicro:x10drth_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drth:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:supermicro:x10drtb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drtb:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:supermicro:x10drt_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drt:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:supermicro:x10drs_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drs:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:supermicro:x10drln_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drln:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:supermicro:x10drlc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drlc:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:supermicro:x10drl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drl:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:supermicro:x10dri1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dri1:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:supermicro:x10drh4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drh4:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:supermicro:x10drh_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drh:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:supermicro:x10drgo_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drgo:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:supermicro:x10drgh_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drgh:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:supermicro:x10drg_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drg:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:supermicro:x10drfr_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drfr:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:supermicro:x10drfg_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drfg:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:supermicro:x10drff_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drff:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:supermicro:x10drdl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drdl:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:supermicro:x10drd_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drd:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:supermicro:x10drc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10drc:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:supermicro:x10dgo_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dgo:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:supermicro:x10ddwn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10ddwn:-:*:*:*:*:*:*:*

Configuration 59 [-]

AND

cpe:2.3:o:supermicro:x10ddwi_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10ddwi:-:*:*:*:*:*:*:*

Configuration 60 [-]

AND

cpe:2.3:o:supermicro:x10ddw4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10ddw4:-:*:*:*:*:*:*:*

Configuration 61 [-]

AND

cpe:2.3:o:supermicro:x10ddw3_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10ddw3:-:*:*:*:*:*:*:*

Configuration 62 [-]

AND

cpe:2.3:o:supermicro:x10dax_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dax:-:*:*:*:*:*:*:*

Configuration 63 [-]

AND

cpe:2.3:o:supermicro:x10dali_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dali:-:*:*:*:*:*:*:*

Configuration 64 [-]

AND

cpe:2.3:o:supermicro:x10dal_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dal:-:*:*:*:*:*:*:*

Configuration 65 [-]

AND

cpe:2.3:o:supermicro:x10dai_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x10dai:-:*:*:*:*:*:*:*

Configuration 66 [-]

AND

cpe:2.3:o:supermicro:b10drt_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:b10drt:-:*:*:*:*:*:*:*

Configuration 67 [-]

AND

cpe:2.3:o:supermicro:b10dri_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:b10dri:-:*:*:*:*:*:*:*

Configuration 68 [-]

AND

cpe:2.3:o:supermicro:b10drg_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:b10drg:-:*:*:*:*:*:*:*

Configuration 69 [-]

AND

cpe:2.3:o:supermicro:x9sae_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x9sae:-:*:*:*:*:*:*:*

Configuration 70 [-]

AND

cpe:2.3:o:supermicro:x9drth_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x9drth:-:*:*:*:*:*:*:*

Configuration 71 [-]

AND

cpe:2.3:o:supermicro:x9drgqf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x9drgqf:-:*:*:*:*:*:*:*

Configuration 72 [-]

AND

cpe:2.3:o:supermicro:x9drffp_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x9drffp:-:*:*:*:*:*:*:*

Configuration 73 [-]

AND

cpe:2.3:o:supermicro:x9drf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x9drf:-:*:*:*:*:*:*:*

Configuration 74 [-]

AND

cpe:2.3:o:supermicro:x9dbl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x9dbl:-:*:*:*:*:*:*:*

Configuration 75 [-]

AND

cpe:2.3:o:supermicro:x8siu_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x8siu:-:*:*:*:*:*:*:*

Configuration 76 [-]

AND

cpe:2.3:o:supermicro:x8sit_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x8sit:-:*:*:*:*:*:*:*

Configuration 77 [-]

AND

cpe:2.3:o:supermicro:x8sil_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x8sil:-:*:*:*:*:*:*:*

Configuration 78 [-]

AND

cpe:2.3:o:supermicro:x8sie_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x8sie:-:*:*:*:*:*:*:*

Configuration 79 [-]

AND

cpe:2.3:o:supermicro:x8sia_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:x8sia:-:*:*:*:*:*:*:*

Configuration 80 [-]

AND

cpe:2.3:o:supermicro:k1spi_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:k1spi:-:*:*:*:*:*:*:*

Configuration 81 [-]

AND

cpe:2.3:o:supermicro:k1spes_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:k1spes:-:*:*:*:*:*:*:*

Configuration 82 [-]

AND

cpe:2.3:o:supermicro:c9x299_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c9x299:-:*:*:*:*:*:*:*

Configuration 83 [-]

AND

cpe:2.3:o:supermicro:c7z97oc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z97oc:-:*:*:*:*:*:*:*

Configuration 84 [-]

AND

cpe:2.3:o:supermicro:c7z97mf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z97mf:-:*:*:*:*:*:*:*

Configuration 85 [-]

AND

cpe:2.3:o:supermicro:c7z87oc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z87oc:-:*:*:*:*:*:*:*

Configuration 86 [-]

AND

cpe:2.3:o:supermicro:c7z370l_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z370l:-:*:*:*:*:*:*:*

Configuration 87 [-]

AND

cpe:2.3:o:supermicro:c7z370i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z370i:-:*:*:*:*:*:*:*

Configuration 88 [-]

AND

cpe:2.3:o:supermicro:c7z270p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z270p:-:*:*:*:*:*:*:*

Configuration 89 [-]

AND

cpe:2.3:o:supermicro:c7z270m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z270m:-:*:*:*:*:*:*:*

Configuration 90 [-]

AND

cpe:2.3:o:supermicro:c7z270l_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z270l:-:*:*:*:*:*:*:*

Configuration 91 [-]

AND

cpe:2.3:o:supermicro:c7z270cg_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z270cg:-:*:*:*:*:*:*:*

Configuration 92 [-]

AND

cpe:2.3:o:supermicro:c7z270c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z270c:-:*:*:*:*:*:*:*

Configuration 93 [-]

AND

cpe:2.3:o:supermicro:c7z170oce_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z170oce:-:*:*:*:*:*:*:*

Configuration 94 [-]

AND

cpe:2.3:o:supermicro:c7z170o_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z170o:-:*:*:*:*:*:*:*

Configuration 95 [-]

AND

cpe:2.3:o:supermicro:c7z170_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7z170:-:*:*:*:*:*:*:*

Configuration 96 [-]

AND

cpe:2.3:o:supermicro:c7x99oc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7x99oc:-:*:*:*:*:*:*:*

Configuration 97 [-]

AND

cpe:2.3:o:supermicro:c7q270_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7q270:-:*:*:*:*:*:*:*

Configuration 98 [-]

AND

cpe:2.3:o:supermicro:c7h270_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7h270:-:*:*:*:*:*:*:*

Configuration 99 [-]

AND

cpe:2.3:o:supermicro:c7b250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:c7b250:-:*:*:*:*:*:*:*

Configuration 100 [-]

AND

cpe:2.3:o:supermicro:b1sd2tf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:b1sd2tf:-:*:*:*:*:*:*:*

Configuration 101 [-]

AND

cpe:2.3:o:supermicro:b1sa4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:b1sa4:-:*:*:*:*:*:*:*

Configuration 102 [-]

AND

cpe:2.3:o:supermicro:b1dri_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:b1dri:-:*:*:*:*:*:*:*

Configuration 103 [-]

AND

cpe:2.3:o:supermicro:a2sav_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:a2sav:-:*:*:*:*:*:*:*

Configuration 104 [-]

AND

cpe:2.3:o:supermicro:a2sap_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:a2sap:-:*:*:*:*:*:*:*

Configuration 105 [-]

AND

cpe:2.3:o:supermicro:a2san_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:a2san:-:*:*:*:*:*:*:*

Configuration 106 [-]

AND

cpe:2.3:o:supermicro:a1srm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:a1srm:-:*:*:*:*:*:*:*

Configuration 107 [-]

AND

cpe:2.3:o:supermicro:a1sam_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:a1sam:-:*:*:*:*:*:*:*

Configuration 108 [-]

AND

cpe:2.3:o:supermicro:a1sai1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:a1sai1:-:*:*:*:*:*:*:*

Configuration 109 [-]

AND

cpe:2.3:o:supermicro:a1sai_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:a1sai:-:*:*:*:*:*:*:*

Configuration 110 [-]

AND

cpe:2.3:o:supermicro:a1sa_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:supermicro:a1sa:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2018-5725	Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://blog.eclypsium.com/2018/06/07/firmware-vulnerabilities-in-supermicro-systems/
https://www.bleepingcomputer.com/news/security/firmware-vulnerabilities-disclosed-in-supermicro-server-products/
https://www.supermicro.com/support/security_Intel-SA-00088.cfm?pg=X10#tab

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-07-09T18:00:00

Updated: 2024-08-05T09:14:47.218Z

Reserved: 2018-07-09T00:00:00

Link: CVE-2018-13787

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-07-09T18:29:00.560

Modified: 2024-11-21T03:47:59.033

Link: CVE-2018-13787

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

NVD-CWE-noinfo

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Projects

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object