Stack Buffer Overflow in Supermicro BMC Web Function
CVE-2025-8727

7.2HIGH

Key Information:

Vendor: Smci
Status: X13sedw-f
Vendor: CVE Published:; 18 November 2025

What is CVE-2025-8727?

A security vulnerability has been identified in the BMC web server of the Supermicro MBD-X13SEDW-F product line. This flaw allows an attacker to exploit the server after gaining access, enabling them to execute a specially crafted payload that triggers a stack buffer overflow. This could potentially lead to unauthorized access or execution of malicious code, thereby compromising the integrity of the affected devices and the broader network.

Affected Version(s)

X13SEDW-F BMC 01.03.48

References

https://www.supermicro.com/zh_tw/support/security_BMC_IPM...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2025
Vulnerability Reserved
Aug 8, 2025

Credit

Coreweave Red Team and Hoang Bui from Coreweave

JSON

Smci

What is CVE-2025-8727?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit