Firmware Vulnerabilities Disclosed in Supermicro Server Products


[H]F Junkie
Apr 25, 2001
If you own or support Supermicro products you should be aware there are some vulnerabilities in the configuration of some motherboards. This vulnerability is only able to be exploited if the malicious software is already running on the system, but it does have the nasty ability to hide in the firmware and will survive OS reinstalls. Obviously this takes some kind of insider threat to be effective, however, insider threats are the worse kind and the fact the malware can hide in the firmware after an OS reinstall makes it nasty. Supermicro is aware of the issue and is currently working on the fix.

According to Eclypsium researchers, some Supermicro products had an incorrectly set Descriptor Region that allowed software running on the OS (such as malware) to modify the Descriptor Region and then tamper with local firmware.