Vulnerabilities > CVE-2018-13787 - Unspecified vulnerability in Supermicro products

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

supermicro

NVD

Published: 2018-07-09

Updated: 2019-10-03

Summary

Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware.

Vulnerable Configurations

Part	Description	Count
OS	Supermicro Supermicro X11Ssz Firmware - Supermicro X11Ssv Firmware - Supermicro X11Ssql Firmware - Supermicro X11Ssq Firmware - Supermicro X11Ssn Firmware - Supermicro X11Srm Firmware - Supermicro X11Sra Firmware - Supermicro X11Sba Firmware - Supermicro X11Sat Firmware - Supermicro X11Sae M Firmware - Supermicro X11Sae Firmware - Supermicro X10Srw Firmware - Supermicro X10Srm Firmware - Supermicro X10Srl Firmware - Supermicro X10Sri Firmware - Supermicro X10Srh Firmware - Supermicro X10Srg Firmware - Supermicro X10Srd Firmware - Supermicro X10Sra Firmware - Supermicro X10Sdvt Firmware - Supermicro X10Sdvf Firmware - Supermicro X10Sde Firmware - Supermicro X10Sddf Firmware - Supermicro X10Sba Firmware - Supermicro X10Qrh Firmware - Supermicro X10Dsn Firmware - Supermicro X10Dscp Firmware - Supermicro X10Dsc Firmware - Supermicro X10Drx Firmware - Supermicro X10Drwn Firmware - Supermicro X10Drw Firmware - Supermicro X10Drux Firmware - Supermicro X10Drul Firmware - Supermicro X10Dru Firmware - Supermicro X10Drts Firmware - Supermicro X10Drtps Firmware - Supermicro X10Drtl Firmware - Supermicro X10Drth Firmware - Supermicro X10Drtb Firmware - Supermicro X10Drt Firmware - Supermicro X10Drs Firmware - Supermicro X10Drln Firmware - Supermicro X10Drlc Firmware - Supermicro X10Drl Firmware - Supermicro X10Dri1 Firmware - Supermicro X10Drh4 Firmware - Supermicro X10Drh Firmware - Supermicro X10Drgo Firmware - Supermicro X10Drgh Firmware - Supermicro X10Drg Firmware - Supermicro X10Drfr Firmware - Supermicro X10Drfg Firmware - Supermicro X10Drff Firmware - Supermicro X10Drdl Firmware - Supermicro X10Drd Firmware - Supermicro X10Drc Firmware - Supermicro X10Dgo Firmware - Supermicro X10Ddwn Firmware - Supermicro X10Ddwi Firmware - Supermicro X10Ddw4 Firmware - Supermicro X10Ddw3 Firmware - Supermicro X10Dax Firmware - Supermicro X10Dali Firmware - Supermicro X10Dal Firmware - Supermicro X10Dai Firmware - Supermicro B10Drt Firmware - Supermicro B10Dri Firmware - Supermicro B10Drg Firmware - Supermicro X9Sae Firmware - Supermicro X9Drth Firmware - Supermicro X9Drgqf Firmware - Supermicro X9Drffp Firmware - Supermicro X9Drf Firmware - Supermicro X9Dbl Firmware - Supermicro X8Siu Firmware - Supermicro X8Sit Firmware - Supermicro X8Sil Firmware - Supermicro X8Sie Firmware - Supermicro X8Sia Firmware - Supermicro K1Spi Firmware - Supermicro K1Spes Firmware - Supermicro C9X299 Firmware - Supermicro C7Z97Oc Firmware - Supermicro C7Z97Mf Firmware - Supermicro C7Z87Oc Firmware - Supermicro C7Z370L Firmware - Supermicro C7Z370I Firmware - Supermicro C7Z270P Firmware - Supermicro C7Z270M Firmware - Supermicro C7Z270L Firmware - Supermicro C7Z270Cg Firmware - Supermicro C7Z270C Firmware - Supermicro C7Z170Oce Firmware - Supermicro C7Z170O Firmware - Supermicro C7Z170 Firmware - Supermicro C7X99Oc Firmware - Supermicro C7Q270 Firmware - Supermicro C7H270 Firmware - Supermicro C7B250 Firmware - Supermicro B1Sd2Tf Firmware - Supermicro B1Sa4 Firmware - Supermicro B1Dri Firmware - Supermicro A2Sav Firmware - Supermicro A2Sap Firmware - Supermicro A2San Firmware - Supermicro A1Srm Firmware - Supermicro A1Sam Firmware - Supermicro A1Sai1 Firmware - Supermicro A1Sai Firmware - Supermicro A1Sa Firmware -	110
Hardware	Supermicro Supermicro X11Ssz - Supermicro X11Ssv - Supermicro X11Ssql - Supermicro X11Ssq - Supermicro X11Ssn - Supermicro X11Srm - Supermicro X11Sra - Supermicro X11Sba - Supermicro X11Sat - Supermicro X11Sae M - Supermicro X11Sae - Supermicro X10Srw - Supermicro X10Srm - Supermicro X10Srl - Supermicro X10Sri - Supermicro X10Srh - Supermicro X10Srg - Supermicro X10Srd - Supermicro X10Sra - Supermicro X10Sdvt - Supermicro X10Sdvf - Supermicro X10Sde - Supermicro X10Sddf - Supermicro X10Sba - Supermicro X10Qrh - Supermicro X10Dsn - Supermicro X10Dscp - Supermicro X10Dsc - Supermicro X10Drx - Supermicro X10Drwn - Supermicro X10Drw - Supermicro X10Drux - Supermicro X10Drul - Supermicro X10Dru - Supermicro X10Drts - Supermicro X10Drtps - Supermicro X10Drtl - Supermicro X10Drth - Supermicro X10Drtb - Supermicro X10Drt - Supermicro X10Drs - Supermicro X10Drln - Supermicro X10Drlc - Supermicro X10Drl - Supermicro X10Dri1 - Supermicro X10Drh4 - Supermicro X10Drh - Supermicro X10Drgo - Supermicro X10Drgh - Supermicro X10Drg - Supermicro X10Drfr - Supermicro X10Drfg - Supermicro X10Drff - Supermicro X10Drdl - Supermicro X10Drd - Supermicro X10Drc - Supermicro X10Dgo - Supermicro X10Ddwn - Supermicro X10Ddwi - Supermicro X10Ddw4 - Supermicro X10Ddw3 - Supermicro X10Dax - Supermicro X10Dali - Supermicro X10Dal - Supermicro X10Dai - Supermicro B10Drt - Supermicro B10Dri - Supermicro B10Drg - Supermicro X9Sae - Supermicro X9Drth - Supermicro X9Drgqf - Supermicro X9Drffp - Supermicro X9Drf - Supermicro X9Dbl - Supermicro X8Siu - Supermicro X8Sit - Supermicro X8Sil - Supermicro X8Sie - Supermicro X8Sia - Supermicro K1Spi - Supermicro K1Spes - Supermicro C9X299 - Supermicro C7Z97Oc - Supermicro C7Z97Mf - Supermicro C7Z87Oc - Supermicro C7Z370L - Supermicro C7Z370I - Supermicro C7Z270P - Supermicro C7Z270M - Supermicro C7Z270L - Supermicro C7Z270Cg - Supermicro C7Z270C - Supermicro C7Z170Oce - Supermicro C7Z170O - Supermicro C7Z170 - Supermicro C7X99Oc - Supermicro C7Q270 - Supermicro C7H270 - Supermicro C7B250 - Supermicro B1Sd2Tf - Supermicro B1Sa4 - Supermicro B1Dri - Supermicro A2Sav - Supermicro A2Sap - Supermicro A2San - Supermicro A1Srm - Supermicro A1Sam - Supermicro A1Sai1 - Supermicro A1Sai - Supermicro A1Sa -	110

Summary

Vulnerable Configurations

References