Overview
- Binarly disclosed CVE-2025-7937 and CVE-2025-6198, which allow crafted images to bypass BMC firmware validation and be flashed onto Supermicro hardware.
- CVE-2025-7937 is a bypass of Supermicro’s January fix for CVE-2024-10237 originally identified by an NVIDIA researcher, showing the earlier patch was insufficient.
- CVE-2025-6198 can defeat the BMC Root of Trust, raising concerns about signing‑key leakage or reuse and prompting calls for per‑product key rotation.
- Supermicro says updated BMC firmware is available and reports no evidence of in‑the‑wild exploitation, while Ars Technica notes the company is still testing and some patched images were not yet visible on its site.
- Binarly released technical analysis, a demo video, and proof‑of‑concept exploits, and warned that attackers with BMC admin access or a compromised update channel could achieve persistent control of both the controller and host OS.