Supermicro X11, X12, X13, and H11, H12, H13 motherboards privilege escalation | CVE-2023-34853

August 28, 2023

NAME
__________
Supermicro X11, X12, X13, and H11, H12, H13 motherboards privilege escalation

Platforms Affected:
Supermicro X11
Supermicro H11
Supermicro H12
Supermicro X12
Supermicro X13
Supermicro H13

Risk Level:
7.8

Exploitability:
Unproven

Consequences:
Gain Privileges

DESCRIPTION
__________

Supermicro X11, X12, X13, and H11, H12, H13 motherboards could allow a local authenticated attacker to gain elevated privileges on the system, caused by a stack-based buffer overflow in the BIOS firmware. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code on the system.

CVSS 3.0 Information
__________

Privileges Required:
Low

User Interaction:
None

Scope:
Unchanged

Access Vector:
Local

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

 To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

CISA Logo

CISA: Cisco Releases Security Updates for IOS XR Software

September 18, 2024
CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

September 18, 2024
CISA Logo

CISA: CISA Releases Twenty-Five Industrial Control Systems Advisories

September 18, 2024
CISA Logo

CISA: CISA Releases Analysis of FY23 Risk and Vulnerability Assessments

September 18, 2024
CISA Logo

CISA: Ivanti Releases Security Update for Cloud Services Appliance

September 18, 2024