AMI Security Advisory AMI-SA-2025003, March 2025
Findings:
Supermicro is aware of a potential vulnerability in the BIOS firmware as reported in the AMI security advisory AMI-SA202503. Aptio® V contains vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use (TOCTOU) Race Condition by local means. Successful exploitation of this vulnerability may lead to arbitrary code execution.
CVE:
- CVE-2024-54084
- Severity: High
Affected products:
| AMD Motherboard Generation | BIOS Version with the fix |
|---|---|
| H13 – H13SAE | V 2.3 |
| H13 – H13SRD | V 1.5 |
| H13 –H13SRE-F | V 2.3 |
Mitigation:
Supermicro is currently working on updating BIOS firmware to mitigate this issue. Please check the release notes for resolution.
Exploitation and Public Announcement:
Supermicro is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory.