Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

SMCI — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting SMCI. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SMCI provides enterprise server and storage solutions, primarily serving data centers and cloud infrastructure. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from misconfigurations and unpatched components. The company has faced scrutiny for security lapses, including a 2023 incident where exposed management interfaces allowed unauthorized access. With 12 CVEs on record, SMCI's products require rigorous hardening to mitigate risks. Security researchers have noted inconsistent patch management and default insecure configurations as recurring issues. Organizations implementing SMCI solutions should prioritize network segmentation, regular updates, and access controls to address these persistent security challenges.

CVE IDTitleCVSSSeverityPublished
CVE-2026-3820 Supermicro BMC's SMTP service contains a command injection vulnerability — AS-2115HS-TNRCWE-78 7.2 High2026-06-04
CVE-2025-12007 Supermicro BMC firmware update validation bypass — X13SEM-FCWE-347 6.2 -2026-01-16
CVE-2025-12006 Supermicro BMC firmware update validation bypass — X12STW-FCWE-347 7.2 High2026-01-16
CVE-2025-8727 A stack buffer overflow vulnerability exists in the Supermicro BMC Web function(SSL). — X13SEDW-FCWE-121 7.2 High2025-11-18
CVE-2025-8404 Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library — MBD-X13SEDW-FCWE-121 5.5 Medium2025-11-18
CVE-2025-8076 A stack buffer overflow vulnerability exists in the Supermicro BMC Web function — MBD-X13SEDW-FCWE-121 7.2 High2025-11-18
CVE-2025-7623 Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability — MBD-X13SEDW-FCWE-121 5.4 Medium2025-11-18
CVE-2025-7704 Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability — SYS-111C-NRCWE-121 5.4 Medium2025-11-13
CVE-2025-7937 Supermicro BMC firmware update validation bypass — MBD-X12STWCWE-347 7.2 High2025-09-19
CVE-2025-6198 Supermicro BMC firmware update validation bypass — X13SEM-FCWE-347 7.2 High2025-09-19
CVE-2024-10239 fld->used_bytes without sanity check causes stack overflow — MBD-X12DPG-OA6CWE-121 7.2 High2025-02-04
CVE-2024-10238 fld->used_bytes without sanity check causes stack overflow — MBD-X12DPG-OA6CWE-121 7.2 High2025-02-04
CVE-2024-10237 SMC BMC Firmware Image Authentication Design Issue — MBD-X12DPG-OA6CWE-347 7.2 High2025-02-04

This page lists every published CVE security advisory associated with SMCI. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.