Critical Security Vulnerabilities Discovered in Supermicro BMC Firmware


Several critical security vulnerabilities have been uncovered in the firmware of Supermicro’s baseboard management controllers (BMCs).

These vulnerabilities in the Intelligent Platform Management Interface (IPMI) firmware could lead to privilege escalation and the execution of malicious code on affected systems.

Key Takeaways:

  • Critical Vulnerabilities: Seven security flaws in Supermicro’s BMC firmware, ranging from High to Critical severity, have been identified. These vulnerabilities could enable attackers to gain root access to BMC systems.
  • BMC Functionality: Baseboard management controllers (BMCs) are specialized processors on server motherboards that support remote management, making them attractive targets for attackers to deploy persistent malware.
  • Security Patch: Supermicro has released a firmware update to address these vulnerabilities and enhance system security.

Uncovering Critical Vulnerabilities

Supermicro’s baseboard management controllers (BMCs) are essential components of server motherboards that facilitate remote management of server hardware, even when the host operating system is offline.

However, security researchers have identified seven critical vulnerabilities in the Intelligent Platform Management Interface (IPMI) firmware used by Supermicro’s BMCs.

These vulnerabilities are tracked from CVE-2023-40284 through CVE-2023-40290 and pose significant security risks.

Understanding BMCs and Their Significance

BMCs play a crucial role in monitoring hardware indicators such as temperature, fan speed, and system firmware updates.

They are also capable of functioning independently of the host operating system, making them attractive targets for attackers looking to maintain persistence within a compromised system.

Details of the Vulnerabilities

Here is a breakdown of the identified vulnerabilities:

  • CVE-2023-40284, CVE-2023-40287, and CVE-2023-40288: These three cross-site scripting (XSS) flaws allow remote, unauthenticated attackers to execute arbitrary JavaScript code in the context of a logged-in BMC user.
  • CVE-2023-40285 and CVE-2023-40286: Two additional XSS flaws that enable remote, unauthenticated attackers to execute arbitrary JavaScript code in the context of a logged-in BMC user by manipulating browser cookies or local storage.
  • CVE-2023-40289: This vulnerability, with a high CVSS score, allows for operating system command injection, potentially leading to the execution of malicious code with administrative privileges.
  • CVE-2023-40290: While it has a lower CVSS score, this XSS flaw permits remote, unauthenticated attackers to execute arbitrary JavaScript code, but it’s specific to Internet Explorer 11 on Windows.

CVE-2023-40289 is particularly critical, as it could enable authenticated attackers to gain root access and fully compromise the BMC system, even after reboots.

Potential Attack Scenarios

Attackers could exploit these vulnerabilities to create an admin-level account for the BMC’s web server component. By combining these vulnerabilities, attackers might achieve command injection and execute code. For example, a phishing email with a malicious link could trigger the execution of an XSS payload.

Addressing the Vulnerabilities

Supermicro has responded promptly to these vulnerabilities by releasing a BMC firmware update that patches the identified flaws. It is crucial for organizations using Supermicro BMCs to apply this security update to enhance system security.

No Evidence of Exploitation Yet

As of now, there is no evidence of malicious exploitation of these vulnerabilities in the wild. However, researchers have observed over 70,000 instances of internet-exposed Supermicro IPMI web interfaces, underscoring the importance of applying security updates promptly.
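
One way to act on the two points above (patch level and network exposure) is to audit a BMC inventory for both at once. This is an added example, not code from Supermicro or the researchers; the board names, addresses, management network and fixed-version numbers are constructed placeholders, and the real fixed versions must come from the vendor advisory.

```python
import ipaddress

# Assumption: BMCs belong only on these dedicated management networks.
MGMT_NETWORKS = [ipaddress.ip_network("10.20.0.0/24")]

# Placeholders, NOT real Supermicro releases: fill in the fixed firmware
# version for each board model from the vendor advisory.
FIXED_VERSION = {"BOARD-A": "1.05.00", "BOARD-B": "3.10.02"}

# Constructed inventory: (host, board model, BMC address, installed firmware).
INVENTORY = [
    ("node-01", "BOARD-A", "10.20.0.11", "1.05.00"),
    ("node-02", "BOARD-A", "10.20.0.12", "1.04.09"),
    ("node-03", "BOARD-B", "192.0.2.15", "3.10.02"),
    ("node-04", "BOARD-B", "192.0.2.16", "3.9.12"),
    ("node-05", "BOARD-C", "10.20.0.15", "1.00.00"),
]

def parse_version(text):
    """Turn '1.04.09' into (1, 4, 9) so comparison is numeric, not lexical."""
    return tuple(int(part) for part in text.split("."))

def audit(inventory, fixed=FIXED_VERSION, mgmt=MGMT_NETWORKS):
    """Return {host: [findings]} for every BMC that needs attention."""
    report = {}
    for host, board, addr, installed in inventory:
        findings = []
        ip = ipaddress.ip_address(addr)
        # A BMC address outside the management networks may be reachable
        # from places it should not be, including the internet.
        if not any(ip in net for net in mgmt):
            findings.append("outside-mgmt-network")
        target = fixed.get(board)
        if target is None:
            # Unknown board: do not silently treat it as patched.
            findings.append("no-fixed-version-known")
        elif parse_version(installed) < parse_version(target):
            findings.append("firmware-below-fixed")
        if findings:
            report[host] = findings
    return report

if __name__ == "__main__":
    for host, findings in audit(INVENTORY).items():
        print(host, ", ".join(findings))
```

Boards with no known fixed version are reported rather than skipped, so a gap in the advisory mapping shows up as a finding instead of a false "clean" result.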

In conclusion, addressing these critical vulnerabilities in Supermicro’s BMC firmware is vital to safeguard systems from potential exploitation and maintain robust cybersecurity.

About Supermicro:

Supermicro is a leading provider of advanced server solutions, including motherboards and baseboard management controllers (BMCs). Their products are widely used in data centers and server infrastructure around the world.
