移至主內容
Supermicro 安全中心

請查閱下面的網頁,以了解最新的安全警報和建議的訊息。

Product Security Standards and Specifications, August 2021

Supermicro is providing a list of standards and specifications for the newly released X12 family of servers and storage systems.

查看詳細訊息

Intel Platform Update (IPU) Update 2021.2, November 2021

This update applies to the X10, X11, and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.

  • INTEL-SA-00528 - 2021.2 IPU – Intel® Atom® Processor Advisory
  • INTEL-SA-00562 - 2021.1 IPU – BIOS Reference Code Advisory
查看詳細訊息

AMD Security Vulnerabilities, November 2021

This update applies to the H11 and H12 families of products powered by 1st/2nd/3rd Gen AMD EPYC™ Processors. Potential vulnerabilities in various platform components were discovered and have been mitigated in AMD EPYC™ AGESA™ PI packages.

  • AMD-SN-1021 - AMD Server Vulnerabilities – November 2021
查看詳細訊息

Intel Security Advisory Intel-SA-00525, July 2021

  • INTEL-SA-00525 – Intel BSSA (BIOS Shared SW Architecture) DFT Advisory

Intel-SA-00525 Security Advisory does not affect Supermicro BIOS.

查看詳細訊息

Intel Platform Update (IPU) Update 2021.1, June 2021

This update applies to the X10, X11, and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.

  • INTEL-SA-00442 - 2021.1 IPU – Intel VT-d Advisory
  • INTEL-SA-00459 - 2021.1 IPU – Intel-CSME-SPS-TXE-DAL-AMT-Advisory
  • INTEL-SA-00463 - 2021.1 IPU – BIOS Advisory
  • INTEL-SA-00464 - 2021.1 IPU – Intel Processor Advisory
  • INTEL-SA-00465 - 2021.1 IPU – Intel Processor Advisory
查看詳細訊息

Supermicro’s response to Trickboot vulnerability, March 2021

Supermicro is aware of the Trickboot issue which is observed only with a subset of the X10 UP motherboards. Supermicro will be providing a mitigation for this vulnerability.

TrickBoot is a new functionality within the TrickBot malware toolset capable of discovering vulnerabilities and enabling attackers to read/write/erase the BIOS on the device.

查看詳細訊息

BIOS detects GRUB2 boot loader vulnerability in Linux OS, November 2020

A flaw was found in GRUB2, prior to version 2.06. An attacker may use the GRUB2 flaw to hijack and tamper the GRUB verification process. BIOS will detect this condition and halt the boot with an error message.

  • CVE-2020-10713
查看詳細訊息

Intel Platform Update (IPU) Update 2020.2, November 2020

This update applies to the X10, X11, and X12 families of products powered by Intel Xeon® and other Intel processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.

  • INTEL-SA-00358 – 2020.2 IPU – BIOS Advisory
  • INTEL-SA-00391 – 2020.2 IPU – Intel® CSME, SPS, TXE, and AMT Advisory
  • INTEL-SA-00389 – 2020.2 IPU – Intel® RAPL Advisory
  • INTEL-SA-00390 – Intel BIOS Platform Sample Code Advisory
查看詳細訊息

Intel Monthly September Security Update, September 2020

This update applies to the X11 and X12 families of products powered by Intel Core® processors. Intel Monthly September Security Update combines the delivery of security updates that may have been previously provided individually.

Please note that X10 family of products is not affected by this announcement.

  • Intel-SA-00404 – Intel® AMT and Intel® ISM Advisory
查看詳細訊息

Intel Platform Update (IPU) Update 2020.1, June 2020

This update applies to the X10 and X11 families of products powered by Intel Xeon® processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.

  • Intel-SA-00295 – Intel® CSME, SPS, TXE, AMT and DAL Advisory
  • Intel-SA-00320 – Special Register Buffer Data Sampling Advisory
  • Intel-SA-00322 – 2020.1 IPU BIOS Advisory
  • Intel-SA-00329 – Intel® Processors Data Leakage Advisory
  • Intel-SA-00260 – (updated) Intel® Processor Graphics 2019.2 QSR Update Advisory
查看詳細訊息

Lot 9 of ErP (Eco-design) Compliance

Lot 9 regulations are a new set of product standards that deal with data storage devices such as enterprise-level servers. Learn how Supermicro meets European Union (EU) Eco-design requirements for servers and storage products as part of Lot 9 Compliance.

查看詳細訊息

Intel Monthly February Security Update, February 2020

This update applies to the X11 families of products powered by Intel Core® processors. Intel Monthly February Security Update combines the delivery of security updates that may have been previously provided individually.

  • Intel-SA-00307 – Escalation of Privilege, Denial of Service, Information Disclosure
查看詳細訊息

Intel BIOS Update, INTEL-SA-00329, January 2020

  • Intel-SA-00329 – Intel® Processors Data Leakage Advisory
查看詳細訊息

Intel Monthly December Security Update, December 2019

This update applies to the X10, and X11 families of products powered by Intel Xeon® processors. Intel Monthly December Security Update combines the delivery of security updates that may have been previously provided individually.

  • Intel-SA-00289 – Intel® Processors Voltage Settings Modification Advisory
  • Intel-SA-00317 – Unexpected Page Fault in Virtualized Environment Advisory
查看詳細訊息

BMC Unique Password Security Feature, November 2019

Supermicro implemented a new security feature for the BMC firmware stack on all new X10, X11, H11, H12, and all future generation Supermicro products. Supermicro introduced BMC unique password.

查看詳細訊息

Intel Platform Update (IPU) Update 2019.2, November 2019

This update applies to the X10, and X11 families of products powered by Intel Xeon® processors. Intel Platform Update (IPU) combines the delivery of security updates that may have been previously provided individually.

  • Intel-SA-00164 – Intel® Trusted Execution Technology 2019.2 IPU Advisory
  • Intel-SA-00219 – Intel® SGX 2019.2 with Intel® Processor Graphics IPU Update Advisory
  • Intel-SA-00220 – Intel® SGX and Intel® TXT Advisory
  • Intel-SA-00240 – Intel CPU Local Privilege Escalation Advisory
  • Intel-SA-00241 – Intel® CSME, Server Platform Services, Trusted Execution Engine, Intel® Active Management Technology and Dynamic Application Loader 2019.2 IPU Advisory
  • Intel-SA-00254 – Intel® System Management Mode 2019.2 IPU Advisory
  • Intel-SA-00260 – Intel® Processor Graphics 2019.2 IPU Advisory
  • Intel-SA-00270 – TSX Transaction Asynchronous Abort Advisory
  • Intel-SA-00271 – Voltage Modulation Technical Advisory
  • Intel-SA-00280 – BIOS 2019.2 IPU Advisory
查看詳細訊息

BMC/IPMI Security Vulnerability Update September 3, 2019

Researchers have identified several security related issues on the Virtual Media function of Supermicro BMCs that requires a BMC firmware update to address.

CVE-2019-16649
CVE-2019-16650

查看詳細訊息

AMD Security Vulnerability: Secure Encrypted Virtualization Invalid ECC Curve Points (SEV ECC) in Linux Operating System vulnerability

CVE-2019-9836

查看詳細訊息

Intel Security Vulnerability regarding Rowhammer style attack to leak information from certain DRAM modules

Intel-SA-00247 (CVE-2019-0174)

查看詳細訊息

Intel Quarterly Security Release (QSR) Update 2019.1, May 2019

This update applies to the X8, X9, X10, and X11 families of products powered by Intel Xeon® processors. Quarterly Security Release (QSR) combines the delivery of security updates that may have been previously provided individually.

  • INTEL-SA-00213 (CVE-2019-0089, CVE-2019-0090, CVE-2019-0086, CVE-2019-0091, CVE-2019-0092, CVE-2019-0093, CVE-2019-0094, CVE-2019-0096, CVE-2019-0097, CVE-2019-0098, CVE-2019-0099, CVE-2019-0153, CVE-2019-0170)
  • INTEL-SA-00223 BIOS Not Affected
  • INTEL-SA-00233(CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)

    BIOS updates for these issues are rolling out now. View the details below for impacted products and necessary BIOS updates.

查看詳細訊息

Intel Quarterly Security Release (QSR) Update 2018.4, March 2019

This update applies only to the X11 family of products powered by Intel Xeon® processors. Quarterly Security Release (QSR) combines the delivery of security updates that may have been previously provided individually.

  • INTEL-SA-00185 (CVE-2018-12188, CVE-2018-12189, CVE-2018-12190, CVE-2018-12191, CVE-2018-12192, CVE-2018-12199, CVE-2018-12198, CVE-2018-12200, CVE-2018-12187, CVE-2018-12196, CVE-2018-12185, CVE-2018-12208)
  • INTEL-SA-00191 (CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12205, CVE-2018-12204)
查看詳細訊息

"Spoiler": New research Article on speculative execution in Intel processors

查看詳細訊息

使用ASPEED AST2400和 AST2500 system-on-chips (SoCs) 的系統相關的Baseboard Management Controller (BMC)安全漏洞

  • CVE-2019-6260
查看詳細訊息

加密簽名的BMC韌體

  • 安全功能對BMC韌體和BIOS進行加密簽名。
查看詳細訊息

Spectre/Meltdown側通道猜測執行

  • Intel SA-00115 (CVE-2018-3639, CVE-2018-3640)
  • Intel-SA-00088 (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
  • Intel-SA-00161 (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646)
查看詳細訊息

關於英特爾® 管理引擎(ME)的英特爾安全漏洞,英特爾® 伺服器平台服務(SPS)和英特爾® 可信任執行引擎(TXE)

  • Intel-SA-00086 (CVE-2017-5705, CVE-2017-5708, CVE-2017-5711, CVE-2017-5712, CVE-2017-5706, CVE-2017-5709, CVE-2017-5707, CVE-2017-571000)
查看詳細訊息

常見的漏洞和暴露(CVEs)

在數據中心安全地配置BMC,請查看我們的最佳實踐指南和韌體更新,以解決常見的漏洞和暴露(CVEs)。

Common Security FAQs: Choose category "Security"