CVE-2019-19642
Last modified
CVE-2019-19642 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareName. EPSS estimates a 19.04% chance of exploitation in the next 30 days.
Description
On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareName. The attacker can achieve a persistent backdoor.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Supermicro | X8sti-F Bios | 02.68 |
| Supermicro | X8sti-F Firmware | 2.06 |
References
- https://www.dark-sec.net/2019/12/supermicro-ipmi-exploitation.htmlExploit, Third Party Advisory
- https://www.dark-sec.net/2019/12/supermicro-ipmi-exploitation.htmlExploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-19642?
How severe is CVE-2019-19642?
How do I fix CVE-2019-19642?
Are you affected by CVE-2019-19642?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST