An issue was discovered on Supermicro BMC firmware in select X11, X12, H12, B12, X13, H13, and B13 motherboards (and CMM6 modules). An unauthenticated user can post crafted data to the interface that triggers a stack buffer overflow, and may lead to arbitrary remote code execution on a BMC.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.08102.

Exploitation none

Automatable yes

Technical Impact total

Affected Vendors & Products

Vendors Products
Supermicro
  • B12dpe-6 Firmware
  • B12dpt-6 Firmware
  • B12spe-cpu-25g Firmware
  • B13dee Firmware
  • B13det Firmware
  • B13see-cpu-25g Firmware
  • B13seg Firmware
  • H12dgo-6 Firmware
  • H12dgq-nt6 Firmware
  • H12dsg-o-cpu Firmware
  • H12dsg-q-cpu6 Firmware
  • H12dsi-n6 Firmware
  • H12dsi-nt6 Firmware
  • H12dst-b Firmware
  • H12dsu-in Firmware
  • H12dsu-inr Firmware
  • H12ssff-an6 Firmware
  • H12ssfr-an6 Firmware
  • H12ssg-an6 Firmware
  • H12ssg-anp6 Firmware
  • H12ssl-c Firmware
  • H12ssl-i Firmware
  • H12ssl-nt Firmware
  • H12sst-ps Firmware
  • H12ssw-an6 Firmware
  • H12ssw-in Firmware
  • H12ssw-inl Firmware
  • H12ssw-inr Firmware
  • H12ssw-nt Firmware
  • H12ssw-ntl Firmware
  • H12ssw-ntr Firmware
  • H13dsg-o-cpu-d Firmware
  • H13dsg-o-cpu Firmware
  • H13dsg-om Firmware
  • H13dsh Firmware
  • H13sae-mf Firmware
  • H13sra-f Firmware
  • H13sra-tf Firmware
  • H13srd-f Firmware
  • H13ssf Firmware
  • H13ssh Firmware
  • H13ssl-n Firmware
  • H13ssl-nt Firmware
  • H13sst-g Firmware
  • H13sst-gc Firmware
  • H13ssw Firmware
  • H13svw-n Firmware
  • H13svw-nt Firmware
  • X11dac Firmware
  • X11dai-n Firmware
  • X11ddw-l Firmware
  • X11ddw-nt Firmware
  • X11dgo-t Firmware
  • X11dgq Firmware
  • X11dpd-l Firmware
  • X11dpd-m25 Firmware
  • X11dpff-sn Firmware
  • X11dpff-snr Firmware
  • X11dpfr-s Firmware
  • X11dpfr-sn Firmware
  • X11dpg-hgx2 Firmware
  • X11dpg-ot-cpu Firmware
  • X11dpg-qt Firmware
  • X11dpg-sn Firmware
  • X11dph-i Firmware
  • X11dph-t Firmware
  • X11dph-tq Firmware
  • X11dpi-n Firmware
  • X11dpi-nt Firmware
  • X11dpl-i Firmware
  • X11dps-re Firmware
  • X11dpt-b Firmware
  • X11dpt-bh Firmware
  • X11dpt-br Firmware
  • X11dpt-l Firmware
  • X11dpt-ps Firmware
  • X11dpu-r Firmware
  • X11dpu-v Firmware
  • X11dpu-x Firmware
  • X11dpu-xll Firmware
  • X11dpu-z\+ Firmware
  • X11dpu-ze\+ Firmware
  • X11dpu Firmware
  • X11dpx-t Firmware
  • X11dsc\+ Firmware
  • X11dsc Firmware
  • X11dsf-e Firmware
  • X11dsn-ts Firmware
  • X11dsn-tsq Firmware
  • X11opi-cpu-cl Firmware
  • X11opi-cpu Firmware
  • X11pdg-ot Firmware
  • X11pdg-qt Firmware
  • X11pdg-sn Firmware
  • X11qph\+ Firmware
  • X11qpl Firmware
  • X11saa Firmware
  • X11sae-f Firmware
  • X11sae-m Firmware
  • X11sae Firmware
  • X11sae M Firmware
  • X11san-wohs Firmware
  • X11san Firmware
  • X11sat-f Firmware
  • X11sat Firmware
  • X11sba-f Firmware
  • X11sba-ln4f Firmware
  • X11sba Firmware
  • X11sca-f Firmware
  • X11sca-w Firmware
  • X11sca Firmware
  • X11scd-f Firmware
  • X11sce-f Firmware
  • X11sch-f Firmware
  • X11sch-ln4f Firmware
  • X11scl-f Firmware
  • X11scl-if Firmware
  • X11scl-ln4f Firmware
  • X11scm-f Firmware
  • X11scm-ln8f Firmware
  • X11scq-l Firmware
  • X11scq Firmware
  • X11scv-l Firmware
  • X11scv-q Firmware
  • X11scz-f Firmware
  • X11scz-q Firmware
  • X11sdc-16c Firmware
  • X11sdc-4c Firmware
  • X11sdc-8c Firmware
  • X11sdd-18c-f Firmware
  • X11sdd-8c-f Firmware
  • X11sds-12c Firmware
  • X11sds-14c Firmware
  • X11sds-16c Firmware
  • X11sds-8c Firmware
  • X11sdv-12c-tln2f Firmware
  • X11sdv-12c-tp8f Firmware
  • X11sdv-16c-tln2f Firmware
  • X11sdv-16c-tp8f Firmware
  • X11sdv-16c\+-tln2f Firmware
  • X11sdv-4c-tln2f Firmware
  • X11sdv-4c-tp8f-01 Firmware
  • X11sdv-4c-tp8f Firmware
  • X11sdv-8c-tln2f Firmware
  • X11sdv-8c-tp8f Firmware
  • X11sdv-8c\+-tln2f Firmware
  • X11sdw-12c-tp13f Firmware
  • X11sdw-14c-tp13f Firmware
  • X11sdw-14cn-tp13f\+ Firmware
  • X11sdw-14cnt-tp13f Firmware
  • X11sdw-16c-tp13f\+ Firmware
  • X11sdw-16c-tp13f Firmware
  • X11sdw-4c-tp13f\+ Firmware
  • X11sdw-4c-tp13f Firmware
  • X11sdw-8c-tp13f Firmware
  • X11spa-t Firmware
  • X11spa-tf Firmware
  • X11spd-f Firmware
  • X11spg-tf Firmware
  • X11sph-nctf Firmware
  • X11sph-nctpf Firmware
  • X11spi-tf Firmware
  • X11spl-f Firmware
  • X11spm-f Firmware
  • X11spm-tf Firmware
  • X11spm-tpf Firmware
  • X11spw-ctf Firmware
  • X11spw-tf Firmware
  • X11sra-f Firmware
  • X11sra-rf Firmware
  • X11sra Firmware
  • X11sri-if Firmware
  • X11srl-f Firmware
  • X11srm-f Firmware
  • X11srm-vf Firmware
  • X11srm Firmware
  • X11ssa-f Firmware
  • X11ssd-f Firmware
  • X11sse-f Firmware
  • X11ssh-ctf Firmware
  • X11ssh-f Firmware
  • X11ssh-gf-1585 Firmware
  • X11ssh-gf-1585l Firmware
  • X11ssh-gtf-1585 Firmware
  • X11ssh-gtf-1585l Firmware
  • X11ssh-ln4f Firmware
  • X11ssh-tf Firmware
  • X11ssi-ln4f Firmware
  • X11ssl-cf Firmware
  • X11ssl-f Firmware
  • X11ssl-nf Firmware
  • X11ssl Firmware
  • X11ssm-f Firmware
  • X11ssm Firmware
  • X11ssn-e-001 Firmware
  • X11ssn-e-vdc Firmware
  • X11ssn-e-wohs Firmware
  • X11ssn-e Firmware
  • X11ssn-h-001 Firmware
  • X11ssn-h-vdc Firmware
  • X11ssn-h-wohs Firmware
  • X11ssn-h Firmware
  • X11ssn-l-001 Firmware
  • X11ssn-l-vdc Firmware
  • X11ssn-l-wohs Firmware
  • X11ssn-l Firmware
  • X11ssn Firmware
  • X11ssq-l Firmware
  • X11ssq Firmware
  • X11ssql Firmware
  • X11ssv-lvds Firmware
  • X11ssv-m4 Firmware
  • X11ssv-m4f Firmware
  • X11ssv-q Firmware
  • X11ssw-4tf Firmware
  • X11ssw-f Firmware
  • X11ssw-tf Firmware
  • X11ssz-f Firmware
  • X11ssz-qf Firmware
  • X11ssz Firmware
  • X11swn-c-wohs Firmware
  • X11swn-e-wohs Firmware
  • X11swn-e Firmware
  • X11swn-h-wohs Firmware
  • X11swn-h Firmware
  • X11swn-l-wohs Firmware
  • X11swn-l Firmware
  • X12dai-n6 Firmware
  • X12ddw-a6 Firmware
  • X12dgo-6 Firmware
  • X12dgq-r Firmware
  • X12dgu Firmware
  • X12dhm-6 Firmware
  • X12dpd-a6m25 Firmware
  • X12dpfr-an6 Firmware
  • X12dpg-ar Firmware
  • X12dpg-oa6-gd2 Firmware
  • X12dpg-oa6 Firmware
  • X12dpg-qbt6 Firmware
  • X12dpg-qr Firmware
  • X12dpg-qt6 Firmware
  • X12dpg-u6 Firmware
  • X12dpi-n6 Firmware
  • X12dpi-nt6 Firmware
  • X12dpl-i6 Firmware
  • X12dpl-nt6 Firmware
  • X12dpt-b6 Firmware
  • X12dpt-pt46 Firmware
  • X12dpt-pt6 Firmware
  • X12dpu-6 Firmware
  • X12qch\+ Firmware
  • X12sae-5 Firmware
  • X12sae Firmware
  • X12sca-5f Firmware
  • X12sca-f Firmware
  • X12scq Firmware
  • X12scv-lvds Firmware
  • X12scv-w Firmware
  • X12scz-f Firmware
  • X12scz-qf Firmware
  • X12scz-tln4f Firmware
  • X12sdv-10c-sp6f Firmware
  • X12sdv-10c-spt4f Firmware
  • X12sdv-14c-spt8f Firmware
  • X12sdv-16c-spt8f Firmware
  • X12sdv-20c-spt8f Firmware
  • X12sdv-4c-sp6f Firmware
  • X12sdv-4c-spt4f Firmware
  • X12sdv-4c-spt8f Firmware
  • X12sdv-8c-sp6f Firmware
  • X12sdv-8c-spt4f Firmware
  • X12sdv-8c-spt8f Firmware
  • X12sdv-8ce-sp4f Firmware
  • X12spa-tf Firmware
  • X12sped-f Firmware
  • X12spg-nf Firmware
  • X12spi-tf Firmware
  • X12spl-f Firmware
  • X12spl-ln4f Firmware
  • X12spm-ln4f Firmware
  • X12spm-ln6tf Firmware
  • X12spm-tf Firmware
  • X12spo-f Firmware
  • X12spo-ntf Firmware
  • X12spt-g Firmware
  • X12spt-gc Firmware
  • X12spt-pt Firmware
  • X12spw-f Firmware
  • X12spw-tf Firmware
  • X12spz-ln4f Firmware
  • X12spz-spln6f Firmware
  • X12std-f Firmware
  • X12ste-f Firmware
  • X12sth-f Firmware
  • X12sth-ln4f Firmware
  • X12sth-sys Firmware
  • X12stl-f Firmware
  • X12stl-if Firmware
  • X12stn-c-wohs Firmware
  • X12stn-c Firmware
  • X12stn-e-wohs Firmware
  • X12stn-e Firmware
  • X12stn-h-wohs Firmware
  • X12stn-h Firmware
  • X12stn-l-wohs Firmware
  • X12stn-l Firmware
  • X12stw-f Firmware
  • X12stw-tf Firmware
  • X13dai-t Firmware
  • X13ddw-a Firmware
  • X13deg-oa Firmware
  • X13deg-oad Firmware
  • X13deg-pvc Firmware
  • X13deg-qt Firmware
  • X13deh Firmware
  • X13dei-t Firmware
  • X13dei Firmware
  • X13dem Firmware
  • X13det-b Firmware
  • X13dgu Firmware
  • X13dsf-a Firmware
  • X13qeh\+ Firmware
  • X13sae-f Firmware
  • X13sae Firmware
  • X13san-c-wohs Firmware
  • X13san-c Firmware
  • X13san-e-wohs Firmware
  • X13san-e Firmware
  • X13san-h-wohs Firmware
  • X13san-h Firmware
  • X13san-l-wohs Firmware
  • X13san-l Firmware
  • X13saq Firmware
  • X13sav-lvds Firmware
  • X13sav-ps Firmware
  • X13saz-f Firmware
  • X13saz-q Firmware
  • X13sedw-f Firmware
  • X13seed-f Firmware
  • X13seed-sf Firmware
  • X13sefr-a Firmware
  • X13sei-f Firmware
  • X13sei-tf Firmware
  • X13sem-f Firmware
  • X13sem-tf Firmware
  • X13set-g Firmware
  • X13set-gc Firmware
  • X13sew-f Firmware
  • X13sew-tf Firmware
  • X13sra-tf Firmware
  • X13srn-e-wohs Firmware
  • X13srn-e Firmware
  • X13srn-h-wohs Firmware
  • X13srn-h Firmware
  • X13swa-tf Firmware

No data.

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2024-36083 An issue was discovered on Supermicro BMC firmware in select X11, X12, H12, B12, X13, H13, and B13 motherboards (and CMM6 modules). An unauthenticated user can post crafted data to the interface that triggers a stack buffer overflow, and may lead to arbitrary remote code execution on a BMC.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.supermicro.com/zh_tw/support/security_BMC_IPMI_Jul_2024 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-02T03:37:05.220Z

Reserved: 2024-05-27T00:00:00

Link: CVE-2024-36435

cve-icon Vulnrichment

Updated: 2024-07-22T14:00:43.844Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-07-11T21:15:12.507

Modified: 2024-11-21T09:22:10.433

Link: CVE-2024-36435

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.