Firmware Validation Logic Flaw in Supermicro's BMC on MBD-X12STW
CVE-2025-7937

6.6MEDIUM

Key Information:

Vendor: Smci
Status: Mbd-x12stw
Vendor: CVE Published:; 19 September 2025

What is CVE-2025-7937?

A vulnerability exists within the firmware validation logic of the BMC in Supermicro's MBD-X12STW product. This security flaw allows attackers to manipulate the system firmware by uploading a specially crafted image, potentially leading to unauthorized control and compromise of the system's integrity.

Affected Version(s)

MBD-X12STW BMC 01.06.17

References

https://www.supermicro.com/en/support/security_BMC_IPMI_S...

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2025
Vulnerability Reserved
Jul 21, 2025

Credit

Binarly Inc.

Smci

What is CVE-2025-7937?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit