Vulnerability
CVE-2018-13787
Published: 2018-07-09
Description:
Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware.
Type: CWE-noinfo
CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Base Score: 7.2/10
Impact Subscore: 10/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete
Affected software
Supermicro -> X10drfg firmware
Supermicro -> X10drtps firmware
Supermicro -> X10sdvt firmware
Supermicro -> X11ssq firmware
Supermicro -> C7h270 firmware
Supermicro -> C9x299 firmware
Supermicro -> X10drfr firmware
Supermicro -> X10drts firmware
Supermicro -> X10sra firmware
Supermicro -> X11ssql firmware
Supermicro -> A1sa firmware
Supermicro -> C7q270 firmware
Supermicro -> K1spes firmware
Supermicro -> X10drg firmware
Supermicro -> X10dru firmware
Supermicro -> X10srd firmware
Supermicro -> X11ssv firmware
Supermicro -> A1sai1 firmware
Supermicro -> C7x99oc firmware
Supermicro -> K1spi firmware
Supermicro -> X10drgh firmware
Supermicro -> X10drul firmware
Supermicro -> X10srg firmware
Supermicro -> X11ssz firmware
Supermicro -> A1sai firmware
Supermicro -> C7z170 firmware
Supermicro -> X10dai firmware
Supermicro -> X10drgo firmware
Supermicro -> X10drux firmware
Supermicro -> X10srh firmware
Supermicro -> X8sia firmware
Supermicro -> A1sam firmware
Supermicro -> C7z170o firmware
Supermicro -> X10dal firmware
Supermicro -> X10drh4 firmware
Supermicro -> X10drw firmware
Supermicro -> X10sri firmware
Supermicro -> X8sie firmware
Supermicro -> A1srm firmware
Supermicro -> C7z170oce firmware
Supermicro -> X10dali firmware
Supermicro -> X10drh firmware
Supermicro -> X10drwn firmware
Supermicro -> X10srl firmware
Supermicro -> X8sil firmware
Supermicro -> A2san firmware
Supermicro -> C7z270c firmware
Supermicro -> X10dax firmware
Supermicro -> X10dri1 firmware
Supermicro -> X10drx firmware
Supermicro -> X10srm firmware
Supermicro -> X8sit firmware
Supermicro -> A2sap firmware
Supermicro -> C7z270cg firmware
Supermicro -> X10ddw3 firmware
Supermicro -> X10drl firmware
Supermicro -> X10dsc firmware
Supermicro -> X10srw firmware
Supermicro -> X8siu firmware
Supermicro -> A2sav firmware
Supermicro -> C7z270l firmware
Supermicro -> X10ddw4 firmware
Supermicro -> X10drlc firmware
Supermicro -> X10dscp firmware
Supermicro -> X11sae firmware
Supermicro -> X9dbl firmware
Supermicro -> B10drg firmware
Supermicro -> C7z270m firmware
Supermicro -> X10ddwi firmware
Supermicro -> X10drln firmware
Supermicro -> X10dsn firmware
Supermicro -> X11sae m firmware
Supermicro -> X9drf firmware
Supermicro -> B10dri firmware
Supermicro -> C7z270p firmware
Supermicro -> X10ddwn firmware
Supermicro -> X10drs firmware
Supermicro -> X10qrh firmware
Supermicro -> X11sat firmware
Supermicro -> X9drffp firmware
Supermicro -> B10drt firmware
Supermicro -> C7z370i firmware
Supermicro -> X10dgo firmware
Supermicro -> X10drt firmware
Supermicro -> X10sba firmware
Supermicro -> X11sba firmware
Supermicro -> X9drgqf firmware
Supermicro -> B1dri firmware
Supermicro -> C7z370l firmware
Supermicro -> X10drc firmware
Supermicro -> X10drtb firmware
Supermicro -> X10sddf firmware
Supermicro -> X11sra firmware
Supermicro -> X9drth firmware
Supermicro -> B1sa4 firmware
Supermicro -> C7z87oc firmware
Supermicro -> X10drd firmware
Supermicro -> X10drth firmware
Supermicro -> X10sde firmware
Supermicro -> X11srm firmware
References:
https://blog.eclypsium.com/2018/06/07/firmware-vulnerabilities-in-supermicro-systems/
https://www.bleepingcomputer.com/news/security/firmware-vulnerabilities-disclosed-in-supermicro-server-products/
https://www.supermicro.com/support/security_Intel-SA-00088.cfm?pg=X10#tab