CVE-2024-36435

N/A

An issue was discovered on Supermicro BMC firmware in select X11, X12, H12, B12, X13, H13, and B13 motherboards (and CMM6 modules). An unauthenticated user can post crafted data to the interface that triggers a stack buffer overflow, and may lead to arbitrary remote code execution on a BMC.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

N/A

Supermicro BMC 安全漏洞

Supermicro BMC是美国超微（Supermicro）公司的一个用于服务器、机架顶部交换机或 RAID 设备等设备中的固件。 Supermicro BMC存在安全漏洞，该漏洞源于未经身份验证的用户可以向触发堆栈缓冲区溢出的接口发布伪造的数据，导致在BMC上执行任意远程代码。

N/A

N/A