CVE-2021-39296

In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system...

CVE-2021-39296

creationtimestamp| type| source ---|---|--- 2023-02-16 16:30:08+00:00| seen| https://t.me/truesecator/4077 2023-02-19 09:01:50+00:00| seen| https://t.me/kasperskyb2b/464...

Integrated BMC and OpenBMC Firmware Advisory

Summary: Potential security vulnerabilities in the Integrated Baseboard Management Controller BMC and OpenBMC firmware in some Intel® platforms may allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability...

Security Bulletin: This Power System update is being released to address CVE 2021-39296

Summary POWER9: In response to a security issue with BMC's IPMI LAN+ interface, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2021-39296. Vulnerability Details CVEID: CVE-2021-39296 DESCRIPTION: OpenBMC could allow a remote...

CVE-2021-39296

CVE-2021-39296: In OpenBMC 2.9, crafted IPMI messages on the netipmid (IPMI LAN+) interface can bypass authentication and grant an attacker full control of the BMC. Intel’s advisory (INTEL-SA-00737) and related vendor bulletins confirm this issue affecting OpenBMC firmware on some Intel platforms...