CyberSecurityBoard
Sponsor Register Login

New Supermicro BMC flaws can create persistent backdoors

Researchers have uncovered new critical vulnerabilities in Supermicro's Baseboard Management Controller (BMC) firmware that could allow attackers to create persistent backdoors on affected servers. These flaws enable threat actors to maintain long-term unauthorized access by exploiting weaknesses in the BMC, which is responsible for remote management of server hardware. The vulnerabilities pose a significant risk to enterprise environments relying on Supermicro hardware, as attackers could bypass traditional security controls and maintain stealthy persistence. The discovery highlights the importance of timely firmware updates and robust security practices for hardware management components. Organizations using Supermicro servers are urged to apply patches and monitor for suspicious activity to mitigate potential exploitation. This article delves into the technical details of the vulnerabilities, their impact, and recommended mitigation strategies to protect critical infrastructure from advanced persistent threats targeting BMC firmware.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 24 Sep 2025 20:15:18 +0000


Cyber News related to New Supermicro BMC flaws can create persistent backdoors

New Supermicro BMC flaws can create persistent backdoors - Researchers have uncovered new critical vulnerabilities in Supermicro's Baseboard Management Controller (BMC) firmware that could allow attackers to create persistent backdoors on affected servers. These flaws enable threat actors to maintain ...
2 months ago Bleepingcomputer.com CVE-2024-12345 CVE-2024-12346
Two New Supermicro BMC Bugs Allow Remote Code Execution, Root Access - In September 2025, two critical vulnerabilities were discovered in Supermicro's Baseboard Management Controller (BMC) firmware, exposing systems to remote code execution and root access. These security flaws, identified as CVE-2025-12345 and ...
2 months ago Thehackernews.com CVE-2025-12345 CVE-2025-12346
Discovering SSRF Flaws in Microsoft Azure Services - Microsoft Azure is an incredibly popular cloud computing platform and its services are used around the world. Recently, security researchers uncovered several Server-Side Request Forgery (SSRF) flaws in many of Microsoft Azure’s services. This type ...
2 years ago Securityaffairs.com
Over 1,450 pfSense servers exposed to RCE attacks via bug chain - Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance. PfSense is a popular open-source firewall ...
2 years ago Bleepingcomputer.com CVE-2023-42325 CVE-2023-42327 CVE-2023-42326
New ATM Malware family emerged in the threat landscape - Threat actors may have exploited a zero-day in older iPhones, Apple warns. Microsoft fixed two zero-day bugs exploited in malware attacks. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. Raspberry Robin spotted using two ...
1 year ago Securityaffairs.com CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-4966
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - – Exploitation of zero-day vulnerabilities or watering hole attacks (compromising websites frequented by the target).Establishing a Foothold– Attackers deploy malware to create backdoors or tunnels for undetected movement within the ...
10 months ago Cybersecuritynews.com APT41
MOVEit Transfer Flaws Push Security Defense Into a Race With Attackers - Attackers appear to be pounding away at a couple of critical bugs that Progress Software disclosed this week in its MOVEit file transfer application, with nearly the same ferocity as they did the zero-day flaw the company disclosed almost exactly a ...
1 year ago Darkreading.com CVE-2024-5806 CVE-2024-5805 CVE-2023-34362
Global TeamCity Exploitation Opens Door to SolarWinds-Style Nightmare - APT29, the notorious Russian advanced persistent threat behind the 2020 SolarWinds hack, is actively exploiting a critical security vulnerability in JetBrains TeamCity that could open the door to rampant software supply chain attacks. According to ...
2 years ago Darkreading.com CVE-2023-42793 Andariel APT29 Lazarus Group
Microsoft: Multiple Perforce Server Flaws Allow for Network Takeover - Microsoft has identified four vulnerabilities in the Perforce source-code management platform, the most critical of which gives attackers access to a highly privileged Windows OS account to potentially take over the system via remote code execution ...
2 years ago Darkreading.com CVE-2023-45849 CVE-2023-35767 CVE-2023-45319 CVE-2023-5759
Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors - Vulnerabilities in three WordPress plugins are being exploited to inject malicious scripts and backdoors into websites, according to a warning from Fastly. The flaws can be exploited to execute unauthenticated stored cross-site scripting attacks, ...
1 year ago Securityweek.com CVE-2024-2194 CVE-2023-6961 CVE-2023-40000
CVE-2025-8727 - There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability. ...
1 month ago
CVE-2025-8076 - There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability. ...
1 month ago
Threat Groups Rush to Exploit JetBrains' TeamCity CI/CD Security Flaws - The cyberthreats to users of JetBrains' TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that included exploiting the flaws for ...
1 year ago Securityboulevard.com CVE-2024-27198 CVE-2024-27199 BianLian
East Texas hospital network can't receive ambulances because of potential cybersecurity incident - GetTime();if(!(u<=a&&d<=l throw new RangeError("Invalid interval");return r.inclusive?u<=l&&d<=a:ut||isNaN(t. Step):1;if(s<1||isNaN(s throw new RangeError("`options. Step):1;if(l<1||isNaN(l throw new RangeError("`options. GetTime()<=n throw new ...
2 years ago Cnn.com
China-Nexus Group Hacked Juniper Networks and Implant Backdoors on Its Routers - The investigation revealed that UNC3886 leveraged legitimate credentials to gain privileged access to the routers and subsequently deployed six distinct malware variants across multiple Juniper MX devices. The compromise of these critical routing ...
9 months ago Cybersecuritynews.com
CVE-2019-6260 - The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or ...
5 years ago
What Is Encryption? Definition, How it Works, & Examples - To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security. Symmetric encryption will typically be ...
2 years ago Esecurityplanet.com
Google Chrome Six Flaws: Should You be Worried? - Google Chrome is one of the most widely used web browsers around the world, and while it is generally more secure than its predecessors, multiple security flaws have been recently revealed that users should be aware of. Recently, the Google Chrome ...
2 years ago Securityaffairs.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
1 year ago Securityaffairs.com
Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs - Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution ...
1 year ago Bleepingcomputer.com
Detecting And Investigating Webshells In Compromised CMS Environments - By understanding their attack vectors, employing advanced detection techniques, and following a structured investigation and remediation process, organizations can effectively defend against these persistent backdoors and maintain the integrity and ...
7 months ago Cybersecuritynews.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
2 years ago Feeds.dzone.com
Chinese APT Hackers Earth Krahang Exploits Government Exchange Servers - A new Advanced Persistent Threat campaign, dubbed Earth Krahang, has emerged with a focus on infiltrating government entities across the globe. This campaign, active since early 2022, has been linked to a China-nexus threat actor, previously ...
1 year ago Cybersecuritynews.com CVE-2023-32315 CVE-2022-21587 Earth Lusca
New York's cyber chief on keeping cities and states safe from cyberattacks | The Record from Recorded Future News - And so we think that that'll continue to evolve the security posture of New York State in a way that first and foremost provides the public good, which is, if a government service is not secure, it can't be considered reliable. We're ...
8 months ago Therecord.media

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)