CVE-2024-10239

Summary

CVE-2024-10239 is a vulnerability affecting the firmware image verification implementation in Supermicro's MBD-X12DPG-OA6 motherboard. An attacker with administrator privileges can exploit this issue by uploading a maliciously crafted image. The vulnerability results in a stack overflow due to unchecked input in the 'fsd.max_fld' variable, potentially allowing the attacker to execute arbitrary code and gain unauthorized access to the system. This vulnerability poses a significant risk to organizations using Supermicro motherboards and highlights the importance of keeping firmware up-to-date and implementing strict access control policies.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.