The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or from the network in unusual cases where the BMC console uart is attached to a serial concentrator),so there may be security risks.
Besides, we found that the SNMP of a few products has security risks and may be exploited by attackers in some extreme cases.
The affected products and corresponding update versions are shown in the table below.
|Product||BMC Update Version||Download link|
Allows attackers to use the host to access BMC memory and flash without authentication.Vulnerability Scoring Details：
CVSS Base Score: 9.8（AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H）
CVSS Temporal Score：8.8 (E:P/RL:O/RC:C)
The Baseboard Management Controller (BMC) hardware features potentially left it open to unauthenticated compromise from the host and from the BMC console. It could allow the host full access to BMC memory and flash, violating the principle of BMC and host being in separate trust domains.Obtaining Fixed Software：
Common Vulnerabilities and ExposuresRevision History：
noneInspur Security Procedures：
Inspur is committed to ensuring user safety, working to resolve issues quickly when problems arise, and providing recommendations through security advisories and security notices.
If you have information about a security issue or vulnerability with Inspur products and solutions, please send an e-mail to firstname.lastname@example.org. For details, please visit：
If you require technical support, please visit:
Copyright © 2018 Inspur. All Rights Reserved.