Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security

Security Aid September 23, 2025

Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image.
The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, areCybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image.
The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, are The Hacker NewsRead More

About The Author

Security Aid

See author's posts

Security Aid

Related Stories

UN seeks to build consensus on ‘safe, secure and trustworthy’ AI

Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam

In Other News: LockBit 5.0, Department of War Cybersecurity Framework, OnePlus Vulnerability