TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

ASUS BMC's firmware: buffer overflow - Service configuration-2 function

TVN ID TVN-202103029
CVE ID CVE-2021-28202
CVSS 4.9 (Medium)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Affected Products BMC firmware:
ASMB9-iKVM 1.11.12
RS720A-E9-RS24-E 1.10.3
RS700A-E9-RS4 1.10.0
RS700-E9-RS4 1.09
ESC4000 G4X 1.11.6
RS700-E9-RS12 1.11.5
RS100-E10-PI2 1.13.6
RS300-E10-PS4 1.13.6
RS300-E10-RS4 1.13.6
RS500A-E9-PS4 1.14.1
RS500A-E9-RS4 1.14.1
RS500A-E9 RS4 U 1.14.1
E700 G4 1.14.1
WS C422 PRO/SE 1.14.1
WS X299 PRO/SE 1.14.1
Z11PA-U12 1.15.1
Z11PA-U12/10G-2S 1.15.1
KNPA-U16 1.13.4
ESC4000 DHD G4 1.13.7
ESC4000 G4 1.15.2
RS720Q-E9-RS24-S 1.15.0
RS720Q-E9-RS8 1.15.0
RS720Q-E9-RS8-S 1.15.0
Z11PA-D8 1.14.1
Z11PA-D8C 1.14.1
RS720-E9-RS24-U 1.14.3
RS720-E9-RS8-G 1.15.2
RS500-E9-PS4 1.15.4
Pro E800 G4 1.14.2
RS500-E9-RS4 1.15.4
RS500-E9-RS4-U 1.15.4
RS520-E9-RS12-E 1.15.3
RS520-E9-RS8 1.15.3
ESC8000 G4 1.15.4
ESC8000 G4/10G 1.15.4
RS720-E9-RS12-E 1.15.2
WS C621E SAGE 1.15.1
RS500A-E10-PS4 1.15.2
RS500A-E10-RS4 1.15.2
RS700A-E9-RS12V2 1.15.1
RS700A-E9-RS4V2 1.15.1
RS720A-E9-RS12V2 1.15.2
RS720A-E9-RS24V2 1.15.1
Z11PR-D16 1.15.3
Description The Service configuration-2 function in the Web management page of ASUS BMC firmware does not verify the length of strings entered by users, resulting in a buffer overflow vulnerability. After obtaining privileged permissions, remote attackers can use this vulnerability to abnormally terminate the Web service.
Solution Update the BMC firmware to the following versions:
ASMB9-iKVM 1.15.3
RS700-E9-RS4 1.15.4
ESC4000 G4X 1.15.6
RS700-E9-RS12 1.15.4
RS100-E10-PI2 1.15.3
RS300-E10-PS4 1.15.3
RS300-E10-RS4 1.15.3
RS500A-E9-PS4 1.14.2
RS500A-E9-RS4 1.14.2
RS500A-E9 RS4 U 1.14.2
E700 G4 1.14.2
WS C422 PRO/SE 1.14.2
WS X299 PRO/SE 1.14.2
Z11PA-U12 1.15.2
Z11PA-U12/10G-2S 1.15.2
KNPA-U16 1.14.5
ESC4000 DHD G4 1.15.2
ESC4000 G4 1.15.6
RS720Q-E9-RS24-S 1.15.1
RS720Q-E9-RS8 1.15.1
RS720Q-E9-RS8-S 1.15.1
Z11PA-D8 1.15.2
Z11PA-D8C 1.15.2
RS720-E9-RS24-U 1.15.5
RS720-E9-RS8-G 1.15.4
RS500-E9-PS4 1.15.5
Pro E800 G4 1.15.2
RS500-E9-RS4 1.15.5
RS500-E9-RS4-U 1.15.5
RS520-E9-RS12-E 1.15.4
RS520-E9-RS8 1.15.4
ESC8000 G4 1.15.5
ESC8000 G4/10G 1.15.5
RS720-E9-RS12-E 1.15.3
WS C621E SAGE 1.15.3
RS500A-E10-PS4 1.15.3
RS500A-E10-RS4 1.15.3
RS700A-E9-RS12V2 1.15.3
RS700A-E9-RS4V2 1.15.3
RS720A-E9-RS12V2 1.15.3
RS720A-E9-RS24V2 1.15.3
Z11PR-D16 1.15.4
Credit ASUS
Public Date 2021-04-06