Supermicro BMC Firmware Validation Vulnerability on MBD-X12STW Allowing Unauthorized Firmware Updates

Vulnerability

A vulnerability exists in the Supermicro BMC firmware validation logic on the MBD-X12STW motherboard. This issue allows an attacker to bypass the firmware verification process and update the system firmware with a specially crafted image. The manipulated image can redirect the firmware update process to a fake table in the unsigned region, exploiting the improper verification of cryptographic signatures.
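An added example, not Supermicro's code or image format: a verifier for a toy image layout constructed here, showing why the pointer and table that select the hashed regions must themselves lie inside the signed data. The layout, the HMAC stand-in for the vendor signature, and all function names are assumptions for illustration.

```python
import hashlib, hmac, struct

# Toy layout, constructed for this example (not a real BMC image format):
#   [0:4] u32 LE offset of region table; table = u8 count + (u32 off, u32 len)*
KEY = b"demo-key"                 # HMAC stands in for the vendor signature
ENTRY = struct.Struct("<II")

def regions_at(img, off):
    return [ENTRY.unpack_from(img, off + 1 + i * ENTRY.size) for i in range(img[off])]

def digest(img, regions):
    mac = hmac.new(KEY, digestmod=hashlib.sha256)
    for off, n in regions:
        mac.update(img[off:off + n])
    return mac.digest()

def covered(regions, off, n):
    return any(r <= off and off + n <= r + rn for r, rn in regions)

def verify(img, tag, strict=True):
    """strict=False trusts whatever table the header points at (the flawed pattern)."""
    try:
        (table_off,) = struct.unpack_from("<I", img, 0)
        regions = regions_at(img, table_off)
    except (struct.error, IndexError):
        return False
    if any(off + n > len(img) for off, n in regions):
        return False
    table_len = 1 + len(regions) * ENTRY.size
    # The pointer and the table select what is hashed, so they must be hashed too.
    if strict and not (covered(regions, 0, 4) and covered(regions, table_off, table_len)):
        return False
    return hmac.compare_digest(digest(img, regions), tag)

def build_image():
    """Genuine sample: header + table + payload signed as one region, then 16 unsigned bytes."""
    payload = b"BOOTCODE" * 4
    signed_len = 4 + 1 + ENTRY.size + len(payload)
    img = struct.pack("<I", 4) + bytes([1]) + ENTRY.pack(0, signed_len) + payload + bytes(16)
    return img, digest(img, [(0, signed_len)])

def relocated_table_image(img):
    """Constructed tampered sample: payload changed, pointer aimed at a table in unsigned space."""
    signed_len = len(img) - 16
    copy_off = len(img)                       # stale copy of the originally signed bytes
    table_off = copy_off + signed_len
    fake = bytes([1]) + ENTRY.pack(copy_off, signed_len)
    body = struct.pack("<I", table_off) + img[4:13] + b"MODIFIED" * 4 + img[signed_len:]
    return body + img[:signed_len] + fake
```

With `strict=False` the tampered sample still matches the original tag; the default strict check rejects it because the header pointer and the table it names fall outside the hashed regions.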

Impact

Exploitation of this vulnerability could lead to unauthorized firmware updates, potentially allowing for malicious modifications to the system's firmware.

Remediation

Affected Supermicro motherboard SKUs require a BMC firmware update to address this vulnerability. Supermicro is testing and validating an updated BMC firmware. Check the release notes for the resolution.

Added: Sep 19, 2025, 3:18 AM
Updated: Sep 19, 2025, 3:18 AM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 7.5
exploitability: 4.4
remediation: 6.0
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.