Remote server attacks possible with novel Supermicro BMC flaws

Numerous servers could be subjected to remote attacks with the exploitation of several vulnerabilities impacting Supermicro's Baseboard Management Controller IPMI firmware, which have since been addressed in security updates, SecurityWeek reports. Attackers could remotely leverage the bugs, tracked as CVE-2023-40284 to CVE-2023-40290, to facilitate root access to BMC, according to Binarly, which discovered the vulnerabilities. Three cross-site scripting flaws, tracked as CVE-2023-40284, CVE-2023-40287, and CVE-2023-40288, which could be used to send phishing links without required logins, have been noted by Binarly to be the most severe of the fixed vulnerabilities even though Binarly only rated them as high-severity bugs. Binarly said that critical severity should also be given to the command injection bug, tracked as CVE-2023-40289, which could be leveraged to facilitate total BMC system compromise. "This privilege makes it possible to make the attack persistent even while the BMC component is rebooted and to move laterally within the compromised infrastructure, infecting other endpoints," added Binarly.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.