CVE-2025-7623 — MEDIUM (5.4)

Vulnerability Description

Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system

CVSS Score

5.4

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

LOW

Related Weaknesses (CWE)

CWE-121

References

https://www.supermicro.com/zh_tw/support/security_BMC_IPMI_Nov_2025

FAQ

What is CVE-2025-7623?

CVE-2025-7623 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address a...

How severe is CVE-2025-7623?

CVE-2025-7623 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-7623?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.