Researchers from the security firm Binarly have uncovered 7 vulnerabilities in the Baseboard Management Controller (BMC) firmware of Supermicro motherboards, which could have serious consequences for organizations running Supermicro servers.
One of the vulnerabilities, tracked as CVE-2023-40289, allows execution of malicious code within the BMC. However, exploiting it requires administrative access to the web interface used to configure and control the BMC.
The other 6 vulnerabilities are Cross-Site Scripting (XSS) flaws, which can be chained with CVE-2023-40289 by phishing administrators into visiting a crafted link.
In response to the researchers' report, Supermicro stated that there is no automatic installation method for the fixes, which makes remediation more time-consuming. It is worth noting that all the vulnerabilities stem from the IPMI firmware used by Supermicro, which was developed by a third-party vendor, Aten. Aten had already addressed CVE-2023-40289 6 months earlier, but the fix had not been incorporated into Supermicro's firmware.
Supermicro reported that the vulnerabilities affect certain motherboard lines, including X11, H11, B11, CMM, M11, and H12. The company also stated that it is not aware of any malicious exploitation of these vulnerabilities.
The situation is further exacerbated by the fact that over 70,000 Supermicro BMC instances with an internet-exposed IPMI web interface are publicly reachable, according to the Shodan search engine. Attackers could exploit these vulnerabilities to gain control over servers whose BMC management interfaces are not isolated from the internet.
The severity of the threat is a matter of concern. While Supermicro rates the vulnerabilities on the CVSS v3 scale within the range of 7.2 to 8.3, Binarly researchers assign them higher scores ranging from 8.3 to