CVE-2024-10237

Published Feb 4, 2025

Last updated 11 days ago

CVSS high 7.2
Firmware

Overview

Description
There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD-X12DPG-OA6 . An attacker can modify the firmware to bypass BMC inspection and bypass the signature verification process
Source
def9a96e-e099-41a9-bfac-30fd4f82c411
NVD status
Deferred

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

def9a96e-e099-41a9-bfac-30fd4f82c411
CWE-345

Social media

Hype score
Not currently trending

  1. Critical flaws in Supermicro BMC firmware (CVE-2024-10237 & CVE-2025-6198) allow persistent backdoors via malicious updates, bypassing patches and enabling full server control. #SupermicroFlaws #FirmwareAttack #USA https://t.co/QNGsFEVXJN

    @TweetThreatNews

    24 Sept 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Binarly researchers discovered bypass for Supermicro's CVE-2024-10237 patch, leading to new CVE-2025-7937. They also found CVE-2025-6198 bypassing Root of Trust, allowing BMC and OS control. These flaws expose firmware validation's weakness, risking BMC code #EnterpriseSecurity

    @bigmacd16684

    24 Sept 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-10237 There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD-X12DPG-OA6 . An attacker can modify the firmware to bypass BMC inspecti… https://t.co/AOyAaRY465

    @CVEnew

    4 Feb 2025

    434 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Related CVEs

  1. The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware package block-by-block to validate its integrity. However, the last decrypted firmware block remains uncleared in memory after the validation process completes. An attacker with access to the SPI interface can subsequently issue memory read commands to retrieve the decrypted firmware contents from this residual memory, effectively bypassing the firmware encryption protection mechanism. The attack requires physical access to the device's SPI interface.CVE-2025-14858
  2. Fortinet FortiClient EMS Improper Access Control VulnerabilityCVE-2026-35616
  3. A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used.CVE-2026-4903
  4. A Missing Authentication for Critical Function vulnerability in Pharos Controls Mosaic Show Controller firmware version 2.15.3 could allow an unauthenticated attacker to bypass authentication and execute arbitrary commands with root privileges.CVE-2026-2417
  5. A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the confidentiality and integrity of device configuration data.CVE-2025-15605

References

Sources include official advisories and independent security research.