Supermicro SMM Callout Vulnerability
CVE-2024-36434

7.5HIGH

Key Information:

Vendor: Supermicro
Vendor: CVE Published:; 15 July 2024

What is CVE-2024-36434?

A vulnerability has been identified in Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards due to insufficient protection in the system management mode (SMM) callout mechanism. This weakness is present in firmware versions prior to 4.4, potentially allowing unauthorized access and control over the motherboard’s essential functions. Users of these products are strongly advised to update their BIOS to the latest version to mitigate associated security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.supermicro.com/en/support/security_center#%21...

https://www.supermicro.com/en/support/security_BIOS_Jul_2024

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jul 15, 2024

JSON

Supermicro

What is CVE-2024-36434?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.