Subj : Experts warn Supermicro motherboards can be infected with "unremo
To : All
From : TechnologyDaily
Date : Thu Sep 25 2025 17:30:10

Experts warn Supermicro motherboards can be infected with "unremovable" new malware - here's what we know

Date: Thu, 25 Sep 2025 16:28:00 +0000

Description: Last year's fix wasn't good enough, Binarly says, as it finds new ways to exploit an old flaw.

FULL STORY
======================================================================

- Binarly finds new Supermicro BMC flaws enabling persistent, unremovable malware installation
- Attackers can bypass previous patches and exploit firmware validation logic inconsistencies
- Researchers recommend hardware-backed Root of Trust and stricter firmware integrity checks

Motherboards built by Supermicro can be infected by unremovable malware, security experts from Binarly have said in a recently published detailed analysis of two newly discovered vulnerabilities.

The vulnerabilities, found in Supermicro's Baseboard Management Controller (BMC) firmware, effectively revive a previously patched issue and expose critical weaknesses in the firmware's validation process.

A Baseboard Management Controller (BMC) is a microcontroller built into server motherboards that enables out-of-band system management. It runs independently of the main CPU and allows admins to maintain servers remotely, even when they're shut down.

Earlier in 2025, a vulnerability tracked as CVE-2024-10237 was patched. The bug was a logic flaw in the image authentication design that allowed attackers to reflash the BMC SPI chip with malicious firmware.

Passing validation checks

Now, security researchers at Binarly have found a way to bypass this fix and still flash malicious firmware, gaining persistent control over BMC servers. The discovery resulted in two listed flaws: CVE-2025-7937 and CVE-2025-6198.

CVE-2025-7937 represents a bypass of the original patch, enabling attackers to exploit the same vulnerability through somewhat modified techniques. CVE-2025-6198, on the other hand, affects other Supermicro products and uses a distinct exploitation method to achieve similar results, including the ability to circumvent the Root of Trust (RoT) security feature.

Binarly says these vulnerabilities are particularly dangerous since they allow threat actors with admin access to upload specially crafted firmware images that pass validation checks, despite being malicious.

Once installed, the rogue firmware can provide full and persistent control over both the BMC and the host operating system, granting a level of access that's difficult to detect and remove.

Binarly's investigation revealed that the firmware validation process across Supermicro devices typically involves three steps, but inconsistencies and flawed logic in the implementation left room for exploitation.

As a result, the researchers warn against relying exclusively on software-based validation mechanisms, and instead advise stronger protections such as hardware-backed RoT features and stronger integrity checks during firmware updates.

Via BleepingComputer

======================================================================
Link to news story:
https://www.techradar.com/pro/security/supermicro-motherboards-can-be-infected-with-unremovable-new-malware

--- Mystic BBS v1.12 A49 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)