Supermicro SMM Callout Vulnerability
CVE-2024-36434

Currently unrated

Key Information:

Vendor: Supermicro
Vendor: CVE Published:; 15 July 2024

What is CVE-2024-36434?

A vulnerability has been identified in Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards due to insufficient protection in the system management mode (SMM) callout mechanism. This weakness is present in firmware versions prior to 4.4, potentially allowing unauthorized access and control over the motherboard’s essential functions. Users of these products are strongly advised to update their BIOS to the latest version to mitigate associated security risks.

References

https://www.supermicro.com/en/support/security_center#%21...

https://www.supermicro.com/en/support/security_BIOS_Jul_2024

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2024