Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2019-16650

Published: 21/09/2019 Updated: 24/08/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 10 | Impact Score: 6 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Supermicro

Vulnerability Summary

On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual USB devices to the server managed by the BMC.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

supermicro x11dai-n_firmware 1.71.5

supermicro x11dac_firmware 1.71.5

supermicro x11dph-tq_firmware 1.71.5

supermicro x11dph-i_firmware 1.71.5

supermicro x11dph-t_firmware 1.71.5

supermicro x11dps-re_firmware 1.71.5

supermicro x11dsf-e_firmware 1.71.5

supermicro x11dsn-ts_firmware 1.71.5

supermicro x11dsn-tsq_firmware 1.71.5

supermicro x11dsc\\+_firmware 1.74

supermicro x11ddw-nt_firmware 1.71.5

supermicro x11ddw-l_firmware 1.71.5

supermicro x11dgq_firmware 1.71.5

supermicro x11dpff-sn_firmware 1.71.5

supermicro x11dpfr-sn_firmware 1.71.5

supermicro x11dpfr-s_firmware 1.71.5

supermicro x11dpt-ps_firmware 1.71.5

supermicro x11dpt-b_firmware 1.71.5

supermicro x11dpt-bh_firmware 1.71.5

supermicro x11dpt-l_firmware 3.74

supermicro x11dpu_firmware 1.71.5

supermicro x11dpu-v_firmware 1.71.5

supermicro x11dpu-x_firmware 1.71.5

supermicro x11dpu-xll_firmware 1.71.5

supermicro x11dpu-z\\+_firmware 1.71.5

supermicro x11dpu-ze\\+_firmware 1.71.5

supermicro x11dpg-sn_firmware 1.71.5

supermicro x11dpg-qt_firmware 1.71.5

supermicro x11dpg-ot-cpu_firmware 1.71.5

supermicro x11dpi-nt_firmware 1.71.5

supermicro x11dpi-n_firmware 1.71.5

supermicro x11dpl-i_firmware 1.71.5

supermicro x11dpx-t_firmware 1.71.5

supermicro x11dgo-t_firmware 1.71.5

supermicro x11sca_firmware 1.71.5

supermicro x11sca-f_firmware 1.71.5

supermicro x11sch-f_firmware 1.23.2

supermicro x11sch-ln4f_firmware 1.23.2

supermicro x11sca-w_firmware 1.71.5

supermicro x11scl-f_firmware 1.23.2

supermicro x11scl-ln4f_firmware 1.23.2

supermicro x11scl-if_firmware 1.23.2

supermicro x11scm-f_firmware 1.23.2

supermicro x11scm-ln8f_firmware 1.23.2

supermicro x11scw-f_firmware 3.75.00

supermicro x11spa-t_firmware 1.71.5

supermicro x11spa-tf_firmware 1.71.5

supermicro x11spi-tf_firmware 1.71.6

supermicro x11spl-f_firmware 1.71.6

supermicro x11spm-f_firmware 1.71.6

supermicro x11spm-tf_firmware 1.71.6

supermicro x11spm-tpf_firmware 1.71.6

supermicro x11sph-nctf_firmware 1.71.6

supermicro x11sph-nctpf_firmware 1.71.6

supermicro x11spw-tf_firmware 1.71.6

supermicro x11spw-ctf_firmware 1.71.6

supermicro x11spg-tf_firmware 1.71.6

supermicro x11sri-if_firmware 3.75.00

supermicro x11srl-f_firmware 3.74.2

supermicro x11srm-f_firmware 1.31.1

supermicro x11srm-vf_firmware 1.31.1

supermicro x11ssl-f_firmware 1.56

supermicro x11ssm-f_firmware 1.56

supermicro x11ssl_firmware 1.56

supermicro x11ssm_firmware 1.56

supermicro x11ssh-f_firmware 1.56

supermicro x11ssh-ln4f_firmware 1.56

supermicro x11ssw-4tf_firmware 1.56

supermicro x11ssw-tf_firmware 1.56

supermicro x11ssw-f_firmware 1.71.5

supermicro x11ssi-ln4f_firmware 1.71.5

supermicro x11ssw-f_firmware 3.85.00

supermicro x11ssh-tf_firmware 1.56

supermicro x11ssh-ctf_firmware 1.56

supermicro x11ssl-cf_firmware 1.56

supermicro x11ssl-nf_firmware 1.56

supermicro x11ssh-gf-1585_firmware 1.56

supermicro x11ssh-gf-1585l_firmware 1.56

supermicro x11ssh-gtf-1585_firmware 1.56

supermicro x11ssh-gtf-1585l_firmware 1.56

supermicro b11dpt_firmware 3.68

supermicro b11dpe_firmware 3.68

supermicro b11spe-cpu-tf_firmware 3.68

supermicro b11spe-cpu-25g_firmware 3.68

supermicro b11qpi_firmware 3.68

supermicro x11ssd-f_firmware 3.68

supermicro x11sse-f_firmware 3.68

supermicro b2ss1-cpu_firmware 3.68

supermicro b2ss1-cf_firmware 3.68

supermicro b2ss1-f_firmware 3.68

supermicro b2ss2-f_firmware 3.68

supermicro b2ss1-mtf_firmware 3.68

supermicro b2ss1-h-mtf_firmware 3.68

supermicro b2ss2-mtf_firmware 3.68

supermicro b2ss2-h-mtf_firmware 3.68

supermicro x11scd-f_firmware 3.68

supermicro x11sdd-8c-f_firmware 3.68

supermicro x11sdd-18c-f_firmware 3.68

supermicro x11qph\\+_firmware 1.71.5

supermicro x11opi-cpu_firmware 1.71.5

supermicro x11sds-8c_firmware 3.74.2

supermicro x11sds-12c_firmware 3.74.2

supermicro x11sds-16c_firmware 3.74.2

supermicro x10ddw-i_firmware 3.83

supermicro x10ddw-in_firmware 3.83

supermicro x10drs_firmware 3.83

supermicro x10drd-i_firmware 3.83

supermicro x10drd-it_firmware 3.83

supermicro x10drd-int_firmware 3.83

supermicro x10drd-intp_firmware 3.83

supermicro x10drd-itp_firmware 3.83

supermicro x10drd-l_firmware 3.83

supermicro x10drd-lt_firmware 3.83

supermicro x10drd-ltp_firmware 3.83

supermicro x10drx_firmware 3.83

supermicro x10drh-c_firmware 3.83

supermicro x10drh-ct_firmware 3.83

supermicro x10drh-cln4_firmware 3.83

supermicro x10drh-i_firmware 3.83

supermicro x10drh-it_firmware 3.83

supermicro x10drh-iln4_firmware 3.83

supermicro x10dri_firmware 3.83

supermicro x10dri-t_firmware 3.83

supermicro x10drc-ln4\\+_firmware 3.83

supermicro x10drc-t4\\+_firmware 3.83

supermicro x10dri-ln4\\+_firmware 3.83

supermicro x10dri-t4\\+_firmware 3.83

supermicro x10drl-ln4_firmware 3.83

supermicro x10drl-i_firmware 3.83

supermicro x10drl-it_firmware 3.83

supermicro x10drl-c_firmware 3.83

supermicro x10drl-ct_firmware 3.83

supermicro x10drt-l_firmware 3.83

supermicro x10drt-libq_firmware 3.83

supermicro x10drt-libf_firmware 3.83

supermicro x10drt-b\\+_firmware 3.83

supermicro x10drt-h_firmware 3.83

supermicro x10drt-hibf_firmware 3.83

supermicro x10drt-ps_firmware 3.83

supermicro x10drt-p_firmware 3.83

supermicro x10drt-pt_firmware 3.83

supermicro x10drt-pibq_firmware 3.83

supermicro x10drt-pibf_firmware 3.83

supermicro x10drfr-n_firmware 3.83

supermicro x10drfr-nt_firmware 3.83

supermicro x10drfr_firmware 3.83

supermicro x10drfr-t_firmware 3.83

supermicro x10drff-cg_firmware 3.83

supermicro x10drff-ctg_firmware 3.83

supermicro x10drff-ig_firmware 3.83

supermicro x10drff-itg_firmware 3.83

supermicro x10drff_firmware 3.83

supermicro x10drff-c_firmware 3.83

supermicro x10drw-n_firmware 3.83

supermicro x10drw-nt_firmware 3.83

supermicro x10drw-e_firmware 3.83

supermicro x10drw-et_firmware 3.83

supermicro x10drw-i_firmware 3.83

supermicro x10drw-it_firmware 3.83

supermicro x10dsn-ts_firmware 3.83

supermicro x10drg-ot\\+-cpu_firmware 3.83

supermicro x10drg-o\\+-cpu_firmware 3.83

supermicro x10dgo-t_firmware 3.83

supermicro x10dgq_firmware 3.83

supermicro x10drg-q_firmware 3.83

supermicro x10drg-h_firmware 3.83

supermicro x10drg-ht_firmware 3.83

supermicro x10dru-i\\+_firmware 3.83

supermicro x10dru-x_firmware 3.83

supermicro x10dru-xll_firmware 3.83

supermicro x10dsc\\+_firmware 3.83

supermicro x10sra-f_firmware 3.83

supermicro x10sra_firmware 3.83

supermicro x10srd-f_firmware 3.83

supermicro x10srm-f_firmware 3.83

supermicro x10srm-tf_firmware 3.83

supermicro x10srl-f_firmware 3.83

supermicro x10sri-f_firmware 3.83

supermicro x10srh-cf_firmware 3.83

supermicro x10srh-cln4f_firmware 3.83

supermicro x10srg-f_firmware 3.83

supermicro x10srw-f_firmware 3.83

supermicro x10sae_firmware 3.83

supermicro x10sat_firmware 3.83

supermicro x10slx-f_firmware 3.83

supermicro x10sld-f_firmware 3.83

supermicro x10sld-hf_firmware 3.83

supermicro x10sle-f_firmware 3.83

supermicro x10sle-hf_firmware 3.83

supermicro x10sle-df_firmware 3.83

supermicro x10sl7-f_firmware 3.83

supermicro x10sla-f_firmware 3.83

supermicro x10slh-f_firmware 3.83

supermicro x10sll\\+-f_firmware 3.83

supermicro x10sll-f_firmware 3.83

supermicro x10sll-sf_firmware 3.83

supermicro x10sll-s_firmware 3.83

supermicro x10slm-f_firmware 3.83

supermicro x10slm\\+-f_firmware 3.83

supermicro x10slm\\+-ln4f_firmware 3.83

supermicro x10sde-df_firmware 3.68

supermicro x10sdd-16c-f_firmware 3.68

supermicro x10sdd-f_firmware 3.68

supermicro b1sd1-16c-tf_firmware 3.68

supermicro b1sd1-tf_firmware 3.68

supermicro b1sd2-16c-tf_firmware 3.68

supermicro b1sd2-tf_firmware 3.68

supermicro b10drc_firmware 3.68

supermicro b10drc-n_firmware 3.68

supermicro b10dri_firmware 3.68

supermicro b10dri-n_firmware 3.68

supermicro b10drg-ibf_firmware 3.68

supermicro b10drg-ibf2_firmware 3.68

supermicro b10drg-tp_firmware 3.68

supermicro b10drt_firmware 3.68

supermicro b10drt-ibf_firmware 3.68

supermicro b10drt-ibf2_firmware 3.68

supermicro b10drt-tp_firmware 3.68

supermicro x10qrh\\+_firmware 3.80

supermicro x10qbl-4_firmware 3.80

supermicro x10qbl-4ct_firmware 3.80

supermicro x10qbl_firmware 3.80

supermicro x10qbl-ct_firmware 3.80

supermicro x10qbi_firmware 3.81

supermicro x10obi-cpu_firmware 3.83

supermicro x10dbt-t_firmware 3.83

supermicro x10sdv-7tp8f_firmware 3.83

supermicro x10sdv-7tp4f_firmware 3.83

supermicro x10sdv-2c-7tp4f_firmware 3.83

supermicro x10sdv-4c-7tp4f_firmware 3.83

supermicro x10sdv-2c-tp4f_firmware 3.83

supermicro x10sdv-4c\\+-tp4f_firmware 3.83

supermicro x10sdv-2c-tp8f_firmware 3.83

supermicro x10sdv-tp8f_firmware 3.83

supermicro x10sdv-f_firmware 3.83

supermicro x10sdv-tln4f_firmware 3.83

supermicro x10sdv-8c-tln4f_firmware 3.83

supermicro x10sdv-6c-tln4f_firmware 3.83

supermicro x10sdv-2c-tln2f_firmware 3.83

supermicro x10sdv-4c-tln2f_firmware 3.83

supermicro x10sdv-4c-tln4f_firmware 3.83

supermicro x10sdv-4c\\+-tln4f_firmware 3.83

supermicro x10sdv-6c\\+-tln4f_firmware 3.83

supermicro x10sdv-8c-tln4f\\+_firmware 3.83

supermicro x10sdv-8c\\+-ln2f_firmware 3.83

supermicro x10sdv-12c-tln4f_firmware 3.83

supermicro x10sdv-12c-tln4f\\+_firmware 3.83

supermicro x10sdv-12c\\+-tln4f_firmware 3.83

supermicro x10sdv-16c\\+-tln4f_firmware 3.83

supermicro x10sdv-16c-tln4f\\+_firmware 3.83

supermicro x10sdv-16c-tln4f_firmware 3.83

supermicro a1srm-ln7f-2358_firmware 3.83

supermicro a1srm-ln7f-2758_firmware 3.83

supermicro a1srm-ln5f-2358_firmware 3.83

supermicro a1sa2-2750f_firmware 3.83

supermicro a1sam-2750f_firmware 3.83

supermicro a1sam-2550f_firmware 3.83

supermicro a1srm-2758f_firmware 3.83

supermicro a1srm-2558f_firmware 3.83

supermicro a1sai-2750f_firmware 3.83

supermicro a1sai-2550f_firmware 3.83

supermicro a1sri-2758f_firmware 3.83

supermicro a1sri-2558f_firmware 3.83

supermicro a1sri-2358f_firmware 3.83

References

NVD-CWE-noinfohttps://eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-remote-attack/https://www.supermicro.com/support/security_BMC_virtual_media.cfmhttps://github.com/eclypsium/USBAnywherehttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook