Vulnerability Description
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual USB devices to the server managed by the BMC.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Supermicro | X11Dai-N Firmware | 1.71.5 |
| Supermicro | X11Dai-N | - |
| Supermicro | X11Dac Firmware | 1.71.5 |
| Supermicro | X11Dac | - |
| Supermicro | X11Dph-Tq Firmware | 1.71.5 |
| Supermicro | X11Dph-Tq | - |
| Supermicro | X11Dph-I Firmware | 1.71.5 |
| Supermicro | X11Dph-I | - |
| Supermicro | X11Dph-T Firmware | 1.71.5 |
| Supermicro | X11Dph-T | - |
| Supermicro | X11Dps-Re Firmware | 1.71.5 |
| Supermicro | X11Dps-Re | - |
| Supermicro | X11Dsf-E Firmware | 1.71.5 |
| Supermicro | X11Dsf-E | - |
| Supermicro | X11Dsn-Ts Firmware | 1.71.5 |
| Supermicro | X11Dsn-Ts | - |
| Supermicro | X11Dsn-Tsq Firmware | 1.71.5 |
| Supermicro | X11Dsn-Tsq | - |
| Supermicro | X11Dsc\+ Firmware | 1.74 |
| Supermicro | X11Dsc\+ | - |
References
- https://eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-MitigationThird Party Advisory
- https://github.com/eclypsium/USBAnywhereThird Party Advisory
- https://www.supermicro.com/support/security_BMC_virtual_media.cfmVendor Advisory
- https://eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-MitigationThird Party Advisory
- https://github.com/eclypsium/USBAnywhereThird Party Advisory
- https://www.supermicro.com/support/security_BMC_virtual_media.cfmVendor Advisory
FAQ
What is CVE-2019-16650?
CVE-2019-16650 is a vulnerability with a CVSS score of 10.0 (CRITICAL). On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an atta...
How severe is CVE-2019-16650?
CVE-2019-16650 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-16650?
Check the references section above for vendor advisories and patch information. Affected products include: Supermicro X11Dai-N Firmware, Supermicro X11Dai-N, Supermicro X11Dac Firmware, Supermicro X11Dac, Supermicro X11Dph-Tq Firmware.