CVE-2023-40289 Information

Description

A command injection issue was discovered on Supermicro X11SSM-F X11SAE-F and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a user with BMC administrative privileges.

Reference

https://www.supermicro.com/en/support/security_center#%21advisories https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023