Asmb9 Ikvm Firmware
CVE-2021-28191
MEDIUM
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
AnalysisAI
The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. Affected products include: Asus Asmb9-Ikvm Firmware, Asus Rs720A-E9-Rs24-E Firmware, Asus Rs700A-E9-Rs4 Firmware, Asus Rs700-E9-Rs4 Firmware, Asus Esc4000 G4X Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.
More in Asmb9 Ikvm Firmware
View allThe specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specif
The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific
The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific p
The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specif
The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entere
The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entere
The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify th
The Firmware protocol configuration function in ASUS BMC’s firmware Web management page does not verify the string lengt
The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length
The specific function in ASUS BMC’s firmware Web management page (Generate SSL certificate function) does not verify the
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered b
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today