CVE-2024-36435 Information

Description

An issue was discovered on Supermicro BMC firmware in select X11 X12 H12 B12 X13 H13 and B13 motherboards (and CMM6 modules). An unauthenticated user can post crafted data to the interface that triggers a stack buffer overflow and may lead to arbitrary remote code execution on a BMC.

Reference

https://www.supermicro.com/zh_tw/support/security_BMC_IPMI_Jul_2024