Vulnerabilities in Supermicro BMC Firmware, October 2025

Vulnerability Disclosure:

The purpose of this disclosure is to communicate the potential vulnerabilities affecting Supermicro products that were reported by an external researcher.

Acknowledgement:

Supermicro would like to acknowledge the work done by ETH Zurich researchers to discover potential vulnerabilities in Supermicro BMC Firmware. The vulnerability was discovered by Nils Heuer, Benedikt Heck, Benedict Schlüter and Shweta Shinde of ETH Zurich.

Summary:

A security issue has been discovered in select Supermicro boards and CMMs. This issue may affect Supermicro BMC Firmware.

| CVE ID | Severity | Issue Type | Description |
|---|---|---|---|
|  | Medium | Stack overflow in BMC SMASH | An attacker can use an environment variable to get the shell string into the program and ultimately use an overflow to corrupt the program execution. |

Supermicro CVSSv3 score: 5.4 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)

Affected products:

Supermicro BMC in select motherboards and CMMs.

CVE-2025-7704
CVE-2025-6198
| Motherboard | BMC FW with the Fix |
|---|---|
| MBD-A2SD1-3750F | 1.77 |
| MBD-A2SD1-3955F | 1.77 |
| MBD-K1SPE-IN001 | 1.77 |
| MBD-K1SPE | 1.77 |
| MBD-K1SPE-T | 1.77 |
| MBD-K1SPI | 1.77 |
| MBD-K1SPI-T | 1.77 |
| MBD-X11SBA-F | 1.77 |
| MBD-X11SBA-LN4F | 1.77 |
| MBD-X11SSD-F | 1.77 |
| MBD-X11SSE-F | 1.77 |
| MBD-X11DAC | 1.74.19 |
| MBD-X11DAI-N | 1.74.19 |
| MBD-X11DDW-L | 1.74.19 |
| MBD-X11DDW-NT | 1.74.19 |
| MBD-X11DPFR-S-LC019 | 1.74.19 |
| MBD-X11DPFR-S | 1.74.19 |
| MBD-X11DPFR-SN-LC019 | 1.74.19 |
| MBD-X11DPFR-SN | 1.74.19 |
| MBD-X11DPG-21-PCIE | 1.74.19 |
| MBD-X11DPG-O-PCIE | 1.74.19 |
| MBD-X11DPG-OT-CPU | 1.74.19 |
| MBD-X11DPG-QT | 1.74.19 |
| MBD-X11DPG-SN-LC019 | 1.74.19 |
| MBD-X11DPG-SN | 1.74.19 |
| MBD-X11DPH-I | 1.74.19 |
| MBD-X11DPH-T | 1.74.19 |
| MBD-X11DPH-TQ | 1.74.19 |
| MBD-X11DPI-N | 1.74.19 |
| MBD-X11DPI-NI | 1.74.19 |
| MBD-X11DPI-NT | 1.74.19 |
| MBD-X11DPI | 1.74.19 |
| MBD-X11DPI-T | 1.74.19 |
| MBD-X11DPT-B+ | 1.74.19 |
| MBD-X11DPT-BH | 1.74.19 |
| MBD-X11DPT-BV | 1.74.19 |
| MBD-X11DPT-LC019 | 1.74.19 |
| MBD-X11DPT-PS | 1.74.19 |
| MBD-X11DPU+ | 1.74.19 |
| MBD-X11DPU-LC019 | 1.74.19 |
| MBD-X11DPU-NEBS | 1.74.19 |
| MBD-X11DPU | 1.74.19 |
| MBD-X11DPU-V | 1.74.19 |
| MBD-X11DPU-X | 1.74.19 |
| MBD-X11DPU-XLL | 1.74.19 |
| MBD-X11DPU-Z+ | 1.74.19 |
| MBD-X11DPX-T | 1.74.19 |
| MBD-X11DRI | 1.74.19 |
| MBD-X11DRI-T | 1.74.19 |
| MBD-X11DRT-PS | 1.74.19 |
| MBD-X11DRU+ | 1.74.19 |
| MBD-X11QPH+ | 1.74.19 |
| MBD-X11SCE-F | 1.74.19 |
| MBD-X11SCH-F | 1.74.19 |
| MBD-X11SCH-LN4F | 1.74.19 |
| MBD-X11SCL-F | 1.74.19 |
| MBD-X11SCL-IF | 1.74.19 |
| MBD-X11SCL-LN4F | 1.74.19 |
| MBD-X11SCM-F | 1.74.19 |
| MBD-X11SCM-LN8F | 1.74.19 |
| MBD-X11SCZ-F | 1.74.19 |
| MBD-X11SPG-TF | 1.74.19 |
| MBD-X11SPH-NCTF | 1.74.19 |
| MBD-X11SPH-NCTPF | 1.74.19 |
| MBD-X11SPI-TF | 1.74.19 |
| MBD-X11SPL-F | 1.74.19 |
| MBD-X11SPM-F | 1.74.19 |
| MBD-X11SPM-TF | 1.74.19 |
| MBD-X11SPM-TPF | 1.74.19 |
| MBD-X11SPW-CTF-001 | 1.74.19 |
| MBD-X11SPW-CTF | 1.74.19 |
| MBD-X11SPW-TF-001 | 1.74.19 |
| MBD-X11SPW-TF | 1.74.19 |
| MBD-X11DGQ | 3.77.16 |
| MBD-X11DPD-L | 3.77.16 |
| MBD-X11DPD-M25 | 3.77.16 |
| MBD-X11DPFF-SN | 3.77.16 |
| MBD-X11DPL-I | 3.77.16 |
| MBD-X11DPS-R | 3.77.16 |
| MBD-X11DPS-RE | 3.77.16 |
| MBD-X11DPT-L | 3.77.16 |
| MBD-X11DSC+ | 3.77.16 |
| MBD-X11DSF-E | 3.77.16 |
| MBD-X11DSF | 3.77.16 |
| MBD-X11SCW-F-AM047 | 3.77.16 |
| MBD-X11SCW-F | 3.77.16 |
| MBD-H12DST-PS | 3.10.48 |
| MBD-H12DSU-IN | 3.10.48 |
| MBD-H12SST-PS | 3.10.48 |
| MBD-H12SSW-IN | 3.10.48 |
| MBD-H12SSW-NT | 3.10.48 |
| MBD-H11DSI-7401-MA015 | 1.52.23 |
| MBD-H11DSI-DC023 | 1.52.23 |
| MBD-H11DSI-N702-MA015 | 1.52.23 |
| MBD-H11DSI-NT | 1.52.23 |
| MBD-H11DSI | 1.52.23 |
| MBD-H11DSU-IN+ | 1.52.23 |
| MBD-H11DSU-IN | 1.52.23 |
| MBD-H11DSU-IN-TT031 | 1.52.23 |
| MBD-H11SSL-C | 1.52.23 |
| MBD-H11SSL-I | 1.52.23 |
| MBD-H11SSL-I251-MA015 | 1.52.23 |
| MBD-H11SSL-I302P-MA015 | 1.52.23 |
| MBD-H11SSL-I351P-MA015 | 1.52.23 |
| MBD-H11SSL-I401P-MA015 | 1.52.23 |
| MBD-H11SSL-I502P-MA015 | 1.52.23 |
| MBD-H11SSL-N551P-MA015 | 1.52.23 |
| MBD-H11SSL-N702P-MA015 | 1.52.23 |
| MBD-H11SSL-NC | 1.52.23 |
| MBD-H11SSW-IN | 1.52.23 |
| MBD-H11SSW-NT | 1.52.23 |
| MBD-X12DPI-N | 01.07.01 |
| MBD-X12DPI-NT | 01.07.01 |
| MBD-X12QCH+ | 01.07.01 |
| MBD-X12SPA-TF | 01.07.01 |
| MBD-X12SPG-NF | 01.07.01 |
| MBD-A3SPI-4C-HLN4F | 01.07.01 |
| MBD-A3SPI-4C-LN6PF | 01.07.01 |
| MBD-A3SPI-8C-HLN4F | 01.07.01 |
| MBD-A3SPI-8C-LN6PF | 01.07.01 |
| MBD-A3SSV-16C-SPLN10F | 01.07.01 |
| MBD-A3SSV-24C-SPLN10F | 01.07.01 |
| MBD-A3SSV-8C-SPLN10F | 01.07.01 |
| MBD-X12SCA-F | 01.07.01 |
| MBD-X12SCZ-F | 01.07.01 |
| MBD-X12SCZ-QF | 01.07.01 |
| MBD-X12SCZ-TLN4F | 01.07.01 |
| MBD-B12DPT | 1.07.03 |
| MBD-BH12SSI-M25 | 1.07.03 |
| MBD-X12DAI-N6 | 01.07.05 |
| MBD-X12DDW-A6 | 01.07.05 |
| MBD-X12DHM-6 | 01.07.05 |
| MBD-X12DHM | 01.07.05 |
| MBD-X12DPFR-AN6 | 01.07.05 |
| MBD-X12DPG-AR | 01.07.05 |
| MBD-X12DPG-QBT6 | 01.07.05 |
| MBD-X12DPG-QT | 01.07.05 |
| MBD-X12DPG-QT6 | 01.07.05 |
| MBD-X12DPG-U6 | 01.07.05 |
| MBD-X12DPI-N6 | 01.07.05 |
| MBD-X12DPI-NT6 | 01.07.05 |
| MBD-X12DPL-I6 | 01.07.05 |
| MBD-X12DPL-NT6 | 01.07.05 |
| MBD-X12DPU-6 | 01.07.05 |
| MBD-X12DSC-A6 | 01.07.05 |
| MBD-X12SPED-F | 01.07.05 |
| MBD-X12SPI-TF | 01.07.05 |
| MBD-X12SPL-F | 01.07.05 |
| MBD-X12SPL-LN4F | 01.07.05 |
| MBD-X12SPM-LN4F | 01.07.05 |
| MBD-X12SPM-LN6TF | 01.07.05 |
| MBD-X12SPM-TF | 01.07.05 |
| MBD-X12SPO-F | 01.07.05 |
| MBD-X12SPO-NTF | 01.07.05 |
| MBD-X12SPW-F | 01.07.05 |
| MBD-X12SPW-TF-001 | 01.07.05 |
| MBD-X12SPW-TF | 01.07.05 |
| MBD-X12SPZ-LN4F | 01.07.05 |
| MBD-X12SPZ-SPLN6F | 01.07.05 |
| MBD-X12DPD-A6M25 | 1.07.03 |
| MBD-X12DPT-B6 | 1.07.03 |
| MBD-X12DPT-PT6 | 1.07.03 |
| MBD-X12SPT-PT | 1.07.03 |
| MBD-H12DSG-O-CPU | 01.07.01 |
| MBD-H12DSU-INR | 01.07.01 |
| MBD-H12SSL-C | 01.07.01 |
| MBD-H12SSL-CT | 01.07.01 |
| MBD-H12SSL-I | 01.07.01 |
| MBD-H12SSL-NT | 01.07.01 |
| MBD-H12SSW-INL | 01.07.01 |
| MBD-H12SSW-INR | 01.07.01 |
| MBD-H12SSW-NTR | 01.07.01 |
| MBD-H12DGO-6 | 01.07.01 |
| MBD-H12DSG-Q-CPU6 | 01.07.01 |
| MBD-M12SWA-TF | 01.07.01 |
| MBD-H12DGQ-NT6 | 01.07.01 |
| MBD-H12DSI-N6 | 01.07.01 |
| MBD-H12DSI-NT6 | 01.07.01 |
| MBD-H12SSFR-AN6 | 01.07.01 |
| MBD-H12SSW-AN6 | 01.07.01 |
| MBD-B12DPT-6 | 1.07.03 |
| MBD-X12DGO-6 | 01.07.01 |
| MBD-H12SSFF-AN6 | 01.07.03 |
| MBD-X12DPG-OA6-GD2 | 1.07.03 |
| MBD-X12DPG-OA6 | 1.07.03 |
| MBD-B12DPE-6 | 1.07.03 |
| MBD-B12SPE-CPU-25G | 1.07.03 |
| MBD-X12DSC-6 | 01.07.01 |
| MBD-X12DGQ-R | 1.07.03 |
| MBD-X12DPG-QR | 1.07.03 |
| MBD-X12STW-F | 01.07.03 |
| MBD-X12STW-TF | 01.07.03 |
| MBD-B3ST1-CPU-001 | 1.07.03 |
| MBD-X12STD-F | 01.04.15 |
| MBD-X12STE-F | 01.04.15 |
| MBD-X13DEM | 01.05.03 |
| MBD-X13DET-B | 01.05.03 |
| MBD-X13DSF-A | 01.05.03 |
| MBD-X13SEDW-F | 01.05.03 |
| MBD-X13SEED-F | 01.05.03 |
| MBD-X13SEED-SF | 01.05.03 |
| MBD-X13SEFR-A | 01.05.03 |
| MBD-X13SEM-F | 01.05.03 |
| MBD-X13SEM-TF | 01.05.03 |
| MBD-X13SET-PT | 01.05.03 |
| MBD-X13SEVR-SP13F | 01.05.03 |
| MBD-X13DAI | 01.05.06 |
| MBD-X13DDW-A | 01.05.06 |
| MBD-X13DEG-OA | 01.05.06 |
| MBD-X13DEG-R | 01.05.06 |
| MBD-X13DEI | 01.05.06 |
| MBD-X13DEI-T | 01.05.06 |
| MBD-X13DGU | 01.05.06 |
| MBD-X13SEI-F | 01.05.06 |
| MBD-X13SEI-TF | 01.05.06 |
| MBD-X13SEW-F | 01.05.06 |
| MBD-X13SEW-TF | 01.05.06 |
| MBD-X13SAE-F | 01.04.15 |
| MBD-X13SAZ-F | 01.04.15 |
| MBD-X13SRA-TF | 01.04.15 |
| MBD-X13SWA-TF | 01.04.15 |
| MBD-X13OEI-CPU | 01.05.03 |
| MBD-X12SPT-G | 01.07.01 |
| MBD-X12SPT-GC | 01.07.01 |
| MBD-B13DEE | 01.05.03 |
| MBD-B13DET | 01.05.03 |
| MBD-B13SEE-CPU-25G | 01.05.03 |
| MBD-B13SEG | 01.05.03 |
| MBD-X13DEG-QT | 01.05.03 |
| MBD-X13QEH+ | 01.05.03 |
| MBD-X13SET-G | 01.05.03 |
| MBD-X13SET-GC | 01.05.03 |
| MBD-H13DSG-O-CPU | 01.05.01 |
| MBD-H13DSH | 01.05.01 |
| MBD-H13SSL-N | 01.05.01 |
| MBD-H13SSL-NT | 01.05.01 |
| MBD-H13SST-G | 01.05.01 |
| MBD-H13SST-GC | 01.05.01 |
| MBD-H13SSW | 01.05.01 |
| MBD-H13SVW-N | 01.05.01 |
| MBD-H13SVW-NT | 01.05.01 |
| MBD-X12DGU | 01.07.05 |
| MBD-B4SA1-CPU | 01.05.03 |
| MBD-B4SC1-CPU | 01.05.03 |
| MBD-H13QSH | 01.05.03 |
| MBD-H13SRH | 01.05.03 |
| MBD-H13SSF | 01.05.03 |
| MBD-H13SSH | 01.05.03 |
| MBD-X13SCD-F | 01.05.01 |
| MBD-X13SCH-F | 01.05.01 |
| MBD-X13SCH-LN4F | 01.05.01 |
| MBD-X13SCH-SYS | 01.05.01 |
| MBD-X13SCL-F | 01.05.01 |
| MBD-X13SCL-IF | 01.05.01 |
| MBD-H13SRA-F | 01.05.01 |
| MBD-H13SRA-TF | 01.05.01 |
| MBD-H13SAE-MF | 01.05.01 |
| MBD-H13SRD-F | 01.05.01 |
| MBD-H13SRE-F | 01.05.01 |
| MBD-M13SRD-F | 01.05.01 |
| MBD-H13DSG-O-CPU-D | 01.05.01 |
| MBD-G1SMH-G | 01.05.03 |
| MBD-G1SMH | 01.05.03 |
| MBD-G2DMH-G | 01.05.03 |
| MBD-G2DMH-GI | 01.05.03 |
| MBD-X13DEH | 01.05.03 |
| MBD-X13SAW-F | 01.05.03 |
| MBD-X13SAW-TLN4F | 01.05.03 |
| MBD-X13SCW-F | 01.05.03 |
| MBD-X14DBM-AP | 1.07.03 |
| MBD-X14DBM-APL | 1.07.03 |
| MBD-X14DBM-SP | 1.07.03 |
| MBD-X14DBT-B | 1.07.03 |
| MBD-X14DBT-FAP | 1.07.03 |
| MBD-X14DBT-FLAP | 1.07.03 |
| MBD-X14QBH+ | 1.07.03 |
| MBD-X14SBH-AP | 1.07.03 |
| MBD-X14SBH | 1.07.03 |
| MBD-X14SBM-TF | 1.07.03 |
| MBD-X14SBM-TP4F | 1.07.03 |
| MBD-X14SDV-20C-SP3F | 1.07.03 |
| MBD-X14SDV-32C-SP3F | 1.07.03 |
| MBD-X14SDV-36C-SP3F | 1.07.03 |
| MBD-X14SDV-36CE-SP3F | 1.07.03 |
| MBD-X14SDV-42C-SP3F | 1.07.03 |
| MBD-X14SDW-42C-SP9F | 1.07.03 |
| MBD-H13DSG-OM | 01.05.03 |
| MBD-B3SD1-20C-25G | 01.03.00.03 |
| MBD-H14DSG-O-CPU | 01.01.08.01 |
| MBD-H14DSH | 01.01.08.01 |
| MBD-H14SSL-N | 01.01.08.01 |
| MBD-H14SSL-NT | 01.01.08.01 |
| MBD-H14SST-G | 01.01.08.01 |
| MBD-H14SST-GE | 01.01.08.01 |
| MBD-X14SBHM | 01.03.00.03 |
| MBD-X14DBG-AP | 1.01.16.00 |
| MBD-X14DBI | 1.01.16.00 |
| MBD-X14DBI-T | 1.01.16.00 |
| MBD-X14SBI-F | 1.01.16.00 |
| MBD-X14SBI-TF | 1.01.16.00 |
| MBD-X14SBW-F | 1.01.16.00 |
| MBD-X14SBW-TF | 1.01.16.00 |
| MBD-X13SEB-TF | 01.05.01 |
| MBD-X13DEG-D | 1.04.06 |
| MBD-B14DBE-AP | 01.03.00.03 |
| MBD-B14DBE | 01.03.00.03 |
| MBD-B14DBT | 01.03.00.03 |
| MBD-B14SBE-CPU-25G | 01.03.00.03 |
| MBD-B14SBE-CPU-AP | 01.03.00.03 |
| MBD-X14DBHM | 1.01.07.00 |
| MBD-X14DBG-GD | 01.03.00.03 |
| MBD-X14DBG-XAP | 01.03.00.03 |
| MBD-X14SBT-G | 01.03.00.03 |
| MBD-X14SBT-GAP | 01.03.00.03 |
| MBD-H14DSH-TI036 | 01.03.00.04 |
| MBD-H14DST-F | 01.03.00.04 |
| MBD-H14DSG-OD | 01.03.00.03 |
| MBD-X11DPFF-SNR | 1.01.26 |
| MBM-CMM-6-01-FI005 | 01.02.04 |
| MBB-CMM-6 | 01.02.04 |
| MBM-CMM-6-01-HN004 | 01.02.04 |
| MBM-CMM-6 | 01.02.04 |
| MBM-CMM-6-IN001 | 01.02.04 |
| MBD-X12DPT-B6 | 1.07.03 |
| MBD-X12DPT-B | 1.07.03 |

Remediation:

Affected Supermicro motherboard SKUs will require a BMC update to mitigate these potential vulnerabilities.

Updated BMC firmware has been created to mitigate these potential vulnerabilities. Supermicro is currently testing and validating affected products. Please check the release notes for the resolution.

Exploitation and Public Announcements:

Supermicro is not aware of any malicious use of these vulnerabilities in the wild.

Resources: