Known Vulnerabilities for products from Supermicro
Listed below are 19 of the newest known vulnerabilities associated with the vendor "Supermicro".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Supermicro can be found at device.report : Supermicro
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33554 json | Not Provided | 2026-03-24 | 2026-03-24 | |
| CVE-2023-35861 json | A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03.10.35) allows r... | 9.8 - CRITICAL | 2023-07-31 | 2023-08-07 |
| CVE-2023-34853 json | Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via mani... | 7.8 - HIGH | 2023-08-22 | 2023-08-29 |
| CVE-2022-43309 json | Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions. | 5.5 - MEDIUM | 2023-04-07 | 2023-04-21 |
| CVE-2021-22887 json | A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an attacker to compr... | 2.3 - LOW | 2021-03-16 | 2021-03-22 |
| CVE-2020-15046 json | The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to expl... | 8.8 - HIGH | 2020-06-24 | 2020-07-13 |
| CVE-2019-19642 json | On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Inject... | 8.8 - HIGH | 2019-12-08 | 2019-12-18 |
| CVE-2019-16650 json | On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the ... | 10 - CRITICAL | 2019-09-21 | 2020-08-24 |
| CVE-2019-16649 json | On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtua... | 10 - CRITICAL | 2019-09-21 | 2020-08-24 |
| CVE-2019-13131 json | Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to execute arbitrary c... | 9.8 - CRITICAL | 2019-07-01 | 2020-08-24 |
| CVE-2018-13787 json | Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, all... | 6.7 - MEDIUM | 2018-07-09 | 2019-10-03 |
| CVE-2013-6785 json | Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to ... | 4.3 - MEDIUM | 2020-01-23 | 2020-02-04 |
| CVE-2013-4782 json | The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by usi... | Not Provided | 2013-07-08 | 2026-04-29 |
| CVE-2013-3623 json | Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Int... | Not Provided | 2013-12-10 | 2026-04-29 |
| CVE-2013-3622 json | Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) ... | Not Provided | 2013-12-10 | 2026-04-29 |
| CVE-2013-3620 json | Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation mo... | 7.5 - HIGH | 2020-01-02 | 2020-01-14 |
| CVE-2013-3619 json | Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 an... | 8.1 - HIGH | 2020-01-02 | 2020-01-15 |
| CVE-2013-3609 json | The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F,... | Not Provided | 2013-09-08 | 2026-04-29 |
| CVE-2013-3608 json | The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F,... | Not Provided | 2013-09-08 | 2026-04-29 |
| CVE-2013-3607 json | Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface (IPMI) implementa... | Not Provided | 2013-09-08 | 2026-04-29 |
Known software with vulnerabilities from Supermicro
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Supermicro | B9dr7 | - |
| Operating System | Supermicro | B9dr7 Firmware | 3.3 |
| Hardware | Supermicro | B9drg | - |
| Hardware | Supermicro | B9drg-3m | - |
| Operating System | Supermicro | B9drg-3m Firmware | 3.3 |
| Hardware | Supermicro | B9drg-e | - |
| Operating System | Supermicro | B9drg-e Firmware | 3.3 |
| Operating System | Supermicro | B9drg Firmware | 3.3 |
| Hardware | Supermicro | B9dri | - |
| Operating System | Supermicro | B9dri Firmware | 3.3 |
| Hardware | Supermicro | B9drp | - |
| Operating System | Supermicro | B9drp Firmware | 3.3 |
| Hardware | Supermicro | B9drt | - |
| Operating System | Supermicro | B9drt Firmware | 3.3 |
| Hardware | Supermicro | B9qr7-tp | - |
| Operating System | Supermicro | B9qr7-tp Firmware | 3.3 |
| Hardware | Supermicro | H8dcl-6f | - |
| Hardware | Supermicro | H8dcl-if | - |
| Hardware | Supermicro | H8dct-hibqf | - |
| Hardware | Supermicro | H8dct-hln4f | - |