CVE-2025-12007 | THREATINT

Description

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image.

PUBLISHED Reserved 2025-10-21 | Published 2026-01-16 | Updated 2026-02-04 | Assigner Supermicro

Problem types

CWE-347 Improper Verification of Cryptographic Signature

Product status

Default status

unaffected

fixed in 01.06.10

unaffected

01.05.02

affected

Credits

Binarly Inc. finder

References

www.supermicro.com/en/support/security_BMC_IPMI_Jan_2026

cve.org (CVE-2025-12007)

nvd.nist.gov (CVE-2025-12007)

Download JSON