Vulnerability Disclosure:
The purpose of this disclosure is to communicate the potential vulnerabilities affecting Supermicro products that were reported by an external researcher.
Summary:
A security vulnerability has been discovered in the BMC firmware of select Supermicro motherboards. This security issue, known as “RegreSSHion”, is a critical signal handler race condition in the OpenSSH server (sshd). This vulnerability may result in unauthenticated remote code execution (RCE) with root privileges.
CVE:
- CVE-2024-6387
- Severity: High
Affected products:
Supermicro BMC firmware in select H13, X13, H12, M12, and X12 motherboards.
Remediation:
All affected Supermicro motherboard SKUs will require a BMC firmware update to mitigate these potential vulnerabilities.
An updated BMC firmware has been created to mitigate these potential vulnerabilities. Supermicro is currently testing and validating affected products. Please check Release notes for the resolution.
According to OpenSSH’s response (Release notes), while the vulnerability was successfully exploited in a controlled experimental environment, doing so took around 6 to 8 hours of continuous attack attempts at the server’s maximum throughput. For BMC firmware in particular, such an attack method will result in connection anomalies, ultimately leading to the failure of the attack.
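The sustained attack traffic described above leaves a trace a defender can watch for. The race sits in sshd's handling of the login-grace timeout, so an attempt shows up as many connections from one source that are opened and then time out before authenticating; OpenSSH logs each of these as "Timeout before authentication for <ip> port <port>". The following script, added here as an illustration and not part of Supermicro's advisory or tooling, parses constructed syslog-style sshd lines and flags any source that accumulates an unusual number of pre-authentication timeouts within a short window. It assumes the BMC forwards sshd messages in standard syslog format; the threshold and window values are illustrative and should be tuned to the environment.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample syslog lines (not real captured traffic). Source addresses
# are from documentation ranges. One source produces a burst of pre-auth
# timeouts; another produces a single, unremarkable timeout.
SAMPLE_LOG = """\
Jul  2 10:00:01 bmc sshd[1201]: Timeout before authentication for 203.0.113.7 port 50011
Jul  2 10:00:03 bmc sshd[1202]: Timeout before authentication for 203.0.113.7 port 50012
Jul  2 10:00:05 bmc sshd[1203]: Accepted publickey for admin from 198.51.100.4 port 40000 ssh2
Jul  2 10:00:06 bmc sshd[1204]: Timeout before authentication for 203.0.113.7 port 50013
Jul  2 10:00:08 bmc sshd[1205]: Timeout before authentication for 203.0.113.7 port 50014
Jul  2 10:00:09 bmc sshd[1206]: Timeout before authentication for 203.0.113.7 port 50015
Jul  2 10:30:00 bmc sshd[1207]: Timeout before authentication for 198.51.100.9 port 41000
"""

# Matches the sshd message emitted when LoginGraceTime expires before a client
# authenticates. Assumption: the BMC forwards sshd logs in this syslog layout.
TIMEOUT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Timeout before authentication for (?P<ip>[\d.:a-fA-F]+) port \d+"
)


def parse_timeouts(log_text, year=2024):
    """Return a list of (timestamp, source_ip) for each pre-auth timeout line.

    Syslog lines carry no year, so the caller supplies one (assumed 2024 here).
    Lines that are not timeout messages are ignored.
    """
    events = []
    for line in log_text.splitlines():
        m = TIMEOUT_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
        events.append((ts, m.group("ip")))
    return events


def flag_sources(events, threshold=5, window_seconds=600):
    """Return {source_ip: peak_count} for sources that reach `threshold`
    pre-auth timeouts inside any sliding window of `window_seconds`.

    Threshold and window are illustrative; a quiet management network will
    tolerate far lower values than a busy bastion.
    """
    flagged = {}
    recent = defaultdict(deque)  # per-source timestamps inside the window
    for ts, ip in sorted(events):
        q = recent[ip]
        q.append(ts)
        # Drop timestamps that have fallen out of the window.
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold:
            flagged[ip] = max(flagged.get(ip, 0), len(q))
    return flagged


if __name__ == "__main__":
    hits = flag_sources(parse_timeouts(SAMPLE_LOG))
    for ip, count in hits.items():
        print(f"ALERT: {ip} produced {count} pre-auth timeouts within 10 minutes")
```

A single pre-auth timeout is normal (a scanner, a dropped client), which is why the detection keys on repetition from one source rather than on any individual message; on a BMC, where legitimate SSH sessions are rare, the threshold can be set aggressively and the alert paired with the network-access restrictions recommended below.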
Supermicro strongly advises using suitable measures to secure network access to devices as a general security precaution. Supermicro advises configuring the environment in accordance with Supermicro product security operational guidelines for the systems so that the devices run in a protected IT environment. Please refer to the product security webpage for more information, and also follow the recommendations in the product manuals.
Exploitation and Public Announcements:
Supermicro is not aware of any malicious use of these vulnerabilities in the wild.