Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HSupermicro X10drg
HWSupermicrowszystkie wersjeSupermicro X10drg Firmware
OSSupermicrowszystkie wersjeSupermicro X10drgh
HWSupermicrowszystkie wersjeSupermicro X10drgh Firmware
OSSupermicrowszystkie wersjeSupermicro X10drgo
HWSupermicrowszystkie wersjeSupermicro X10drgo Firmware
OSSupermicrowszystkie wersjeSupermicro X10drh
HWSupermicrowszystkie wersjeSupermicro X10drh4
HWSupermicrowszystkie wersjeSupermicro X10drh4 Firmware
OSSupermicrowszystkie wersjeSupermicro X10drh Firmware
OSSupermicrowszystkie wersjeSupermicro X10dri1
HWSupermicrowszystkie wersjeSupermicro X10dri1 Firmware
OSSupermicrowszystkie wersjeSupermicro X10drl
HWSupermicrowszystkie wersjeSupermicro X10drlc
HWSupermicrowszystkie wersjeSupermicro X10drlc Firmware
OSSupermicrowszystkie wersjeSupermicro X10drl Firmware
OSSupermicrowszystkie wersjeSupermicro X10drln
HWSupermicrowszystkie wersjeSupermicro X10drln Firmware
OSSupermicrowszystkie wersjeSupermicro X10drs
HWSupermicrowszystkie wersjeSupermicro X10drs Firmware
OSSupermicrowszystkie wersjeSupermicro X10drt
HWSupermicrowszystkie wersjeSupermicro X10drtb
HWSupermicrowszystkie wersjeSupermicro X10drtb Firmware
OSSupermicrowszystkie wersjeSupermicro X10drt Firmware
OSSupermicrowszystkie wersjeSupermicro X10drth
HWSupermicrowszystkie wersjeSupermicro X10drth Firmware
OSSupermicrowszystkie wersjeSupermicro X10drtl
HWSupermicrowszystkie wersjeSupermicro X10drtl Firmware
OSSupermicrowszystkie wersjeSupermicro X10drtps
HWSupermicrowszystkie wersjeSupermicro X10drtps Firmware
OSSupermicrowszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
References
Related vulnerabilities
CVE-2022-43309MEDIUM5.5ten sam produkt
Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.
CVE-2023-35861CRITICAL9.8ten sam vendor
A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03....
CVE-2019-16650CRITICAL10.0ten sam vendor
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that...
CVE-2019-16649CRITICAL10.0ten sam vendor
On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problem...
CVE-2019-13131CRITICAL9.8ten sam vendor
Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to exec...