Key points
- Researchers have discovered two new flaws in Supermicro baseboard management controller (BMC) firmware, which could allow attackers to gain control of servers and gain persistence at a level below normal security software and the OS.
- The vulnerabilities, CVE-2025-7937 and CVE-2025-6198, are rated as high severity and could be exploited by attackers with admin access to the systems, allowing them to update the system with rogue firmware.
- To mitigate these risks, organizations are advised to adopt careful source verification and integrity checks for firmware images, patch as soon as new issues appear, and enable Root of Trust (RoT) security where hardware supports it.
Researchers have recently published details of two new flaws in Supermicro baseboard management controller (BMC) firmware, which could have significant implications for data centers and server security. Supermicro is a leading maker of server motherboards, and the BMC is a critical component used to monitor system health independently of the OS. The two vulnerabilities, CVE-2025-7937 and CVE-2025-6198, were discovered by firmware security firm Binarly and are rated as high severity with a CVSS score of 7.2.
According to Binarly, the first vulnerability, CVE-2025-7937, is a weakness affecting the firmware validation logic used to secure Supermicro’s BMC firmware. This vulnerability could allow attackers to update the system with rogue firmware, giving them complete and persistent control of both the BMC system and the main server OS. The second vulnerability, CVE-2025-6198, relates to Supermicro’s X13SEM-F motherboard firmware and also allows attackers to modify the firmware, potentially leading to similar consequences.
The discovery of these vulnerabilities is significant, as it highlights the importance of securing low-level software such as BMC firmware. Binarly notes that while the vulnerabilities are not remotely exploitable, attackers could potentially gain admin access to the systems through separate, indirect attacks. This emphasizes the need for organizations to prioritize security audits and continuous monitoring to identify and mitigate potential threats.
The vulnerabilities also underscore the importance of Root of Trust (RoT) security, which is designed to prevent malicious firmware from being installed on a system. Binarly recommends that organizations adopt careful source verification and integrity checks for firmware images, patch as soon as new issues appear, and enable RoT security where hardware supports it. By taking these steps, organizations can help protect their Windows Server and Azure infrastructure from potential threats and ensure the security and integrity of their systems.
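The "integrity checks for firmware images" recommendation above is easy to state and easy to skip. The script below is an added example (not Supermicro's, Binarly's, or the article author's code) of the minimal check an operator can run before handing an image to a BMC update tool: the image's SHA-256 is compared against a vendor-published digest manifest. The manifest format (sha256sum-style lines of `<hex>  <filename>`), the filenames and the image bytes are all constructed for this example; a real deployment would obtain the manifest over a trusted channel, and a hash check complements, rather than replaces, hardware Root of Trust verification.

```python
"""Firmware image integrity check against a published digest manifest.

Added example, not vendor code. Assumptions: the vendor ships a
sha256sum-style manifest ("<hex>  <filename>" per line) obtained over a
trusted channel; the update is refused unless the image name is listed and
its digest matches exactly.
"""
import hashlib
import hmac
from typing import Dict


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of an in-memory image."""
    return hashlib.sha256(data).hexdigest()


def parse_manifest(text: str) -> Dict[str, str]:
    """Parse sha256sum-style lines into {filename: lowercase hex digest}.

    Blank lines and '#' comments are ignored; malformed lines raise so a
    corrupted manifest cannot silently approve an image.
    """
    manifest: Dict[str, str] = {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2 or len(parts[0]) != 64:
            raise ValueError(f"manifest line {lineno} is malformed: {raw!r}")
        digest, filename = parts[0].lower(), parts[1].strip()
        # Accept the "*filename" binary-mode marker sha256sum may emit.
        manifest[filename.lstrip("*")] = digest
    return manifest


def check_update(filename: str, image: bytes, manifest: Dict[str, str]) -> str:
    """Return "ok", "unknown-image" or "digest-mismatch".

    compare_digest is used so the comparison does not leak how many leading
    hex characters matched, which is good hygiene even for public digests.
    """
    expected = manifest.get(filename)
    if expected is None:
        return "unknown-image"
    actual = sha256_hex(image)
    if not hmac.compare_digest(actual.encode(), expected.encode()):
        return "digest-mismatch"
    return "ok"


# Constructed sample data (not a real firmware image or vendor manifest).
GOOD_IMAGE = b"BMCFW\x00\x01" + bytes(range(256)) * 4
TAMPERED_IMAGE = GOOD_IMAGE[:40] + bytes([GOOD_IMAGE[40] ^ 0x01]) + GOOD_IMAGE[41:]
MANIFEST_TEXT = (
    "# constructed vendor manifest\n"
    f"{sha256_hex(GOOD_IMAGE)}  bmc_fw.bin\n"
)
MANIFEST = parse_manifest(MANIFEST_TEXT)


if __name__ == "__main__":
    for name, blob in [("bmc_fw.bin", GOOD_IMAGE),
                       ("bmc_fw.bin", TAMPERED_IMAGE),
                       ("other_fw.bin", GOOD_IMAGE)]:
        print(f"{name}: {check_update(name, blob, MANIFEST)}")
```

The single-bit change in `TAMPERED_IMAGE` is enough to produce a mismatch, which is the property an update gate relies on: an image altered anywhere in its bytes is refused before it ever reaches the BMC's own (in this case flawed) validation logic.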
In recent months, there have been several notable examples of firmware vulnerabilities being exploited in the wild. For example, CVE-2024-54085, an authentication spoofing vulnerability in AMI MegaRAC SPx server management firmware, was flagged by CISA as being under active exploitation. This highlights the need for organizations to stay vigilant and prioritize firmware security as part of their overall cybersecurity strategy. By doing so, they can help protect their Microsoft and Windows-based systems from potential threats and ensure the security and integrity of their data.