Article Details

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security. Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, are listed below - The image validation process carried out during a firmware update takes place over three steps: Retrieve the public key from the BMC SPI flash chip, process the "fwmap" or "sig_table" table embedded in the uploaded image, and compute a cryptographic hash digest of all "signed" firmware regions, and verify the signature value against the calculated hash digest. Firmware security company Binarly, which has been credited with discovering and reporting the two shortcomings, said CVE-2025-7937 is a bypass for CVE-2024-10237, which was disclosed by Supermicro in January 2025. The vulnerability was originally discovered by NVIDIA, alongside CVE-2024-10238 and CVE-2024-10239. CVE-2024-10237 is a "logical flaw in the validation process of the uploaded firmware, which could ultimately result in the BMC SPI chip being reflashed with a malicious image," Binarly researcher Anton Ivanov said in a report shared with The Hacker News. "This security issue could allow potential attackers to gain complete and persistent control of both the BMC system and the main server OS." "This vulnerability demonstrated that the validation process could be manipulated by adding custom entries to the 'fwmap' table and relocating the original signed content of the image to unreserved firmware space, which ensures that the calculated digest still matches the signed value." On the other hand, CVE-2024-10238 and CVE-2024-10239 are two stack overflow flaws in the firmware's image verification function, allowing an attacker to execute arbitrary code in the BMC context. Binarly's analysis found the fix for CVE-2024-10237 to be insufficient, identifying a potential attack pathway by which a custom "fwmap" table can be inserted before the original one, which is then used during the validation process. This essentially enables the threat actor to run custom code in the context of the BMC system. Further investigation into the implementation of the firmware validation logic in the X13SEM-F motherboard determined a flaw within the "auth_bmc_sig" function that could permit an attacker to load a malicious image without modifying the hash digest value. "Once again, as all the regions used for the digest calculation are defined in the uploaded image itself (in the 'sig_table'), it is possible to modify it, along with some other parts of the image – for example, the kernel – and move the original data to unused space in the firmware," Ivanov said. "This means that the signed data digest will still match the original value." Successful exploitation of CVE-2025-6198 can not only update the BMC system with a specially crafted image, but also get around the BMC RoT security feature. "Previously, we reported the discovery of the test key on Supermicro devices, and their PSIRT doubled down that the hardware RoT (Root of Trust) authenticates the key and has no impact on this discovery," Alex Matrosov, CEO and Head of REsearch at Binarly, told The Hacker News. "However, new research shows that the previous statement from Supermicro is not accurate, and CVE-2025-6198 bypasses the BMC RoT. In this case, any leak of the signing key will impact the entire ecosystem. Reusing the signing key is not the best approach, and we recommend at least rotating the signing keys per product line. Based on previous incidents like PKfail and the Intel Boot Guard key leakage, the reuse of cryptographic signing keys could cause an industry-wide impact."