Vulnerability CVE-2019-16649
Published: 2019-09-20   Modified: 2019-09-21

Description:
On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to the server managed by the BMC.

Type:

CWE-798

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Supermicro -> X11ssm-f firmware 
Supermicro -> B1sd2-16c-tf firmware 
Supermicro -> X9dr7-jln4f firmware 
Supermicro -> B9drt firmware 
Supermicro -> X9drg-qf firmware 
Supermicro -> X10drd-intp firmware 
Supermicro -> X9qr7-tf firmware 
Supermicro -> X10drg-h firmware 
Supermicro -> X9srw-f firmware 
Supermicro -> X10drl-ct firmware 
Supermicro -> X10dru-i+ firmware 
Supermicro -> X10qbl-ct firmware 
Supermicro -> X10sdv-2c-tp4f firmware 
Supermicro -> X10sdv-tp8f firmware 
Supermicro -> X10slx-f firmware 
Supermicro -> X11dgo-t firmware 
Supermicro -> X11dpt-bh firmware 
Supermicro -> X11sca-f firmware 
Supermicro -> X11sds-8c firmware 
Supermicro -> X11srm-vf firmware 
Supermicro -> B10drg-ibf2 firmware 
Supermicro -> X11ssm firmware 
Supermicro -> B1sd2-tf firmware 
Supermicro -> X9dr7/e-ln4f firmware 
Supermicro -> B9qr7(-tp) firmware 
Supermicro -> X9drh-7/i(t)f firmware 
Supermicro -> X10drd-it firmware 
Supermicro -> X9qri-f+ firmware 
Supermicro -> X10drg-ht firmware 
Supermicro -> X10drl-i firmware 
Supermicro -> X10dru-x firmware 
Supermicro -> X10qbl firmware 
Supermicro -> X10sdv-2c-tp8f firmware 
Supermicro -> X10sl7-f firmware 
Supermicro -> X10sra-f firmware 
Supermicro -> X11dgq firmware 
Supermicro -> X11dpt-l firmware 
Supermicro -> X11sca-w firmware 
Supermicro -> X11spa-t firmware 
Supermicro -> A1sa2-2750f firmware 
Supermicro -> X11ssd-f firmware 
Supermicro -> B10drg-ibf firmware 
Supermicro -> X11ssw-4tf firmware 
Supermicro -> B2ss1-cf firmware 
Supermicro -> X9dr7/e-tf+ firmware 
Supermicro -> M11sdv-4c-ln4f firmware 
Supermicro -> X9drh-if-nv firmware 
Supermicro -> X10drd-itp firmware 
Supermicro -> X9qri-f firmware 
Supermicro -> X10drg-o+-cpu firmware 
Supermicro -> X10drl-it firmware 
Supermicro -> X10dru-xll firmware 
Supermicro -> X10qrh+ firmware 
Supermicro -> X10sdv-4c+-tln4f firmware 
Supermicro -> X10sla-f firmware 
Supermicro -> X10sra firmware 
Supermicro -> X11dpff-sn firmware 
Supermicro -> X11dpt-ps firmware 
Supermicro -> X11sca firmware 
Supermicro -> X11spa-tf firmware 
Supermicro -> A1sai-2550f firmware 
Supermicro -> X11sse-f firmware 
Supermicro -> B10drg-tp firmware 
Supermicro -> X11ssw-f firmware 
Supermicro -> B2ss1-cpu firmware 
Supermicro -> X9drd-7ln4f series firmware 
Supermicro -> M11sdv-4ct-ln4f firmware 
Supermicro -> X9drl-3/if firmware 
Supermicro -> X10drd-l firmware 
Supermicro -> X9sae(-v) firmware 
Supermicro -> X10drg-ot+-cpu firmware 
Supermicro -> X10drl-ln4 firmware 
Supermicro -> X10drw-e firmware 
Supermicro -> X10sae firmware 
Supermicro -> X10sdv-4c+-tp4f firmware 
Supermicro -> X10sld-f firmware 
Supermicro -> X10srd-f firmware 
Supermicro -> X11dpfr-s firmware 
Supermicro -> X11dpu-v firmware 
Supermicro -> X11scd-f firmware 
Supermicro -> X11spg-tf firmware 
Supermicro -> A1sai-2750f firmware 
Supermicro -> X11ssh-ctf firmware 
Supermicro -> B10dri-n firmware 
Supermicro -> X11ssw-tf firmware 
Supermicro -> B2ss1-f firmware 
Supermicro -> X9drd-c(n)t+ firmware 
Supermicro -> M11sdv-8c+-ln4f firmware 
Supermicro -> X9drl-7/ef firmware 
Supermicro -> X10drd-lt firmware 
Supermicro -> X9sca(-f) firmware 
Supermicro -> X10drg-q firmware 
Supermicro -> X10drs firmware 
Supermicro -> X10drw-et firmware 
Supermicro -> X10sat firmware 
Supermicro -> X10sdv-4c-7tp4f firmware 
Supermicro -> X10sld-hf firmware 
Supermicro -> X10srg-f firmware 
Supermicro -> X11dpfr-sn firmware 
Supermicro -> X11dpu-x firmware 

 References:
https://eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-remote-attack/
https://github.com/eclypsium/USBAnywhere
https://www.supermicro.com/support/security_BMC_virtual_media.cfm
Copyright 2025, cxsecurity.com

 

Back to Top