CVE-2024-10237

Summary

There is a vulnerability in the BMC firmware image authentication design

at Supermicro MBD-X12DPG-OA6

. An attacker can modify the firmware to bypass BMC inspection and bypass the signature verification process

Affected Software

VendorProductVersion RangeStatus
SMCIMBD-X12DPG-OA61.04.16affected

Weaknesses

  • CWE-347: CWE-347: Improper Verification of Cryptographic Signature
  • CWE-345: CWE-345: Insufficient Verification of Data Authenticity

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References