CVE-2021-28201: ASUS BMC's firmware: buffer overflow - Service configuration-1 function
First published: Tue Apr 06 2021(Updated: )
The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
Credit: twcert@cert.org.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Asus ASMB9-IKVM | =1.11.12 | |
| Asus Asmb9-ikvm Firmware | ||
| Asus RS720A-E9-RS24-E | =1.10.3 | |
| Asus Rs720a-e9-rs24-e Firmware | ||
| Asus RS700A-E9-RS4V2 | =1.10.0 | |
| Asus RS700A-E9-RS4V2 | ||
| Asus RS700-E9-RS4 | =1.09 | |
| Asus Rs700-e9-rs4 Firmware | ||
| Asus Esc4000 G4x Firmware | =1.11.6 | |
| Asus Esc4000 G4x Firmware | ||
| Asus RS700-E9-RS12 | =1.11.5 | |
| Asus RS700-E9-RS12 | ||
| Asus RS100-E10-PI2 | =1.13.6 | |
| Asus RS100-E10-PI2 | ||
| Asus RS300-E10-PS4 | =1.13.6 | |
| Asus RS300-E10-PS4 Firmware | ||
| Asus RS300-E10-RS4 | =1.13.6 | |
| Asus RS300-E10-RS4 Firmware | ||
| Asus RS500A-E9-PS4 | =1.14.1 | |
| Asus RS500-E9-PS4 | ||
| Asus RS500A-E9 RS4 U | =1.14.1 | |
| Asus RS500A-E9 RS4 U | ||
| Asus RS500A-E9-PS4 | =1.14.1 | |
| Asus RS500A-E9 RS4 U Firmware | ||
| Asus E700 G4 | =1.14.1 | |
| Asus E700 G4 | ||
| Asus WS C422 Pro/SE Firmware | =1.14.1 | |
| Asus WS C422 Pro/SE | ||
| Asus Ws X299 Pro/se Firmware | =1.14.1 | |
| Asus WS X299 Pro/SE | ||
| Asus Z11pa-u12 Firmware | =1.15.1 | |
| Asus Z11pa-u12 Firmware | ||
| Asus Z11pa-u12/10g-2s Firmware | =1.15.1 | |
| Asus Z11pa-u12/10g-2s | ||
| Asus Knpa-u16 | =1.13.4 | |
| Asus Knpa-u16 Firmware | ||
| Asus Esc4000 Dhd G4 | =1.13.7 | |
| Asus Esc4000 Dhd G4 | ||
| Asus Esc4000 G4 | =1.15.2 | |
| Asus Esc4000 G4 Firmware | ||
| Asus RS720Q-E9-RS24-S Firmware | =1.15.0 | |
| Asus RS720Q-E9-RS24-S Firmware | ||
| Asus RS720Q-E9-RS8 | =1.15.0 | |
| Asus RS720Q-E9-RS8 Firmware | ||
| Asus RS720Q-E9-RS8-S | =1.15.0 | |
| Asus Rs720q-e9-rs24-s | ||
| Asus Z11pa-d8 | =1.14.1 | |
| Asus Z11pa-d8 Firmware | ||
| Asus Z11pa-d8c Firmware | =1.14.1 | |
| Asus Z11pa-d8c Firmware | ||
| Asus RS720-E9-RS24-U | =1.14.3 | |
| Asus RS720-E9-RS24-U | ||
| Asus RS720-E9-RS8-G | =1.15.2 | |
| Asus Rs720-e9-rs8-g Firmware | ||
| Asus RS500A-E9-PS4 | =1.15.4 | |
| Asus RS500-E9-PS4 | ||
| Asus Pro E800 G4 | =1.14.2 | |
| Asus Pro E800 G4 | ||
| Asus RS500-E9-RS4 Firmware | =1.15.4 | |
| Asus RS500-E9-RS4 Firmware | ||
| Asus Rs500-e9-rs4 | =1.15.4 | |
| Asus Rs500-e9-rs4 | ||
| Asus RS520-E9-RS12-E | =1.15.3 | |
| Asus RS520-E9-RS12-E Firmware | ||
| Asus RS520-E9-RS8 | =1.15.3 | |
| Asus Rs520-e9-rs8 Firmware | ||
| Asus Esc8000 G4/10g Firmware | =1.15.4 | |
| Asus Esc8000 G4/10g Firmware | ||
| Asus Esc8000 G4/10g Firmware | =1.15.4 | |
| Asus Esc8000 G4/10g | ||
| Asus RS520-E9-RS12-E Firmware | =1.15.2 | |
| Asus RS720-E9-RS12-E Firmware | ||
| Asus WS C621E Sage | =1.15.1 | |
| Asus Ws C621e Sage Firmware | ||
| Asus RS500A-E10-PS4 | =1.15.2 | |
| Asus Rs500a-e10-ps4 Firmware | ||
| Asus RS500A-E10-RS4 | =1.15.2 | |
| Asus RS500A-E10-RS4 | ||
| Asus RS700A-E9-RS12V2 | =1.15.1 | |
| Asus RS720A-E9-RS12V2 | ||
| Asus RS700A-E9-RS4V2 | =1.15.1 | |
| Asus RS700A-E9-RS4V2 Firmware | ||
| Asus RS720A-E9-RS12V2 | =1.15.2 | |
| Asus RS720A-E9-RS12V2 | ||
| Asus Rs720a-e9-rs24v2 | =1.15.1 | |
| Asus Rs720a-e9-rs24v2 Firmware | ||
| Asus Z11pr-d16 | =1.15.3 | |
| Asus Z11pr-d16 Firmware |
Remedy
update BMC's firmwares to the following versions: ESC4000 G4X 1.15.6 RS700-E9-RS12 1.15.4 RS100-E10-PI2 1.15.3 RS300-E10-PS4 1.15.3 RS300-E10-RS4 1.15.3 RS500A-E9-PS4 1.14.2 RS500A-E9-RS4 1.14.2 RS500A-E9 RS4 U 1.14.2 E700 G4 1.14.2 WS C422 PRO/SE 1.14.2 WS X299 PRO/SE 1.14.2 Z11PA-U12 1.15.2 KNPA-U16 1.14.5 ESC4000 DHD G4 1.15.2 ESC4000 G4 1.15.6 RS720Q-E9-RS24-S 1.15.1 RS720Q-E9-RS8 1.15.1 RS720Q-E9-RS8-S 1.15.1 Z11PA-D8 1.15.2 Z11PA-D8C 1.15.2 RS720-E9-RS24-U 1.15.5 RS720-E9-RS8-G 1.15.4 RS500-E9-PS4 1.15.5 Pro E800 G4 1.15.2 RS500-E9-RS4 1.15.5 RS500-E9-RS4-U 1.15.5 RS520-E9-RS12-E 1.15.4 RS520-E9-RS8 1.15.4 ESC8000 G4 1.15.5 ESC8000 G4/10G 1.15.5 RS720-E9-RS12-E 1.15.3 WS C621E SAGE 1.15.3 RS500A-E10-PS4 1.15.3 RS500A-E10-RS4 1.15.3 RS700A-E9-RS12V2 1.15.3 RS700A-E9-RS4V2 1.15.3 RS720A-E9-RS12V2 1.15.3 RS720A-E9-RS24V2 1.15.3 Z11PR-D16 1.15.4
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-28201?
CVE-2021-28201 is rated as critical due to the potential for remote code execution through buffer overflow exploitation.
How do I fix CVE-2021-28201?
To fix CVE-2021-28201, update the affected ASUS BMC firmware to the latest version provided by ASUS.
Which ASUS firmware versions are affected by CVE-2021-28201?
CVE-2021-28201 affects specific firmware versions including ASUS ASMB9-IKVM firmware 1.11.12, RS720A-E9-RS24-E firmware 1.10.3, and several others listed in the advisory.
Can CVE-2021-28201 be exploited remotely?
Yes, CVE-2021-28201 can be exploited remotely by attackers with the ability to send specially crafted input to the web management interface.
What impact does CVE-2021-28201 have on systems?
The impact of CVE-2021-28201 includes unauthorized access, system crashes, or potential execution of arbitrary code leading to compromised systems.
- agent/type
- agent/weakness
- agent/title
- agent/severity
- agent/author
- agent/references
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/asus
- canonical/asus asmb9-ikvm
- version/asus asmb9-ikvm/1.11.12
- canonical/asus asmb9-ikvm firmware
- canonical/asus rs720a-e9-rs24-e
- version/asus rs720a-e9-rs24-e/1.10.3
- canonical/asus rs720a-e9-rs24-e firmware
- canonical/asus rs700a-e9-rs4v2
- version/asus rs700a-e9-rs4v2/1.10.0
- canonical/asus rs700-e9-rs4
- version/asus rs700-e9-rs4/1.09
- canonical/asus rs700-e9-rs4 firmware
- canonical/asus esc4000 g4x firmware
- version/asus esc4000 g4x firmware/1.11.6
- canonical/asus rs700-e9-rs12
- version/asus rs700-e9-rs12/1.11.5
- canonical/asus rs100-e10-pi2
- version/asus rs100-e10-pi2/1.13.6
- canonical/asus rs300-e10-ps4
- version/asus rs300-e10-ps4/1.13.6
- canonical/asus rs300-e10-ps4 firmware
- canonical/asus rs300-e10-rs4
- version/asus rs300-e10-rs4/1.13.6
- canonical/asus rs300-e10-rs4 firmware
- canonical/asus rs500a-e9-ps4
- version/asus rs500a-e9-ps4/1.14.1
- canonical/asus rs500-e9-ps4
- canonical/asus rs500a-e9 rs4 u
- version/asus rs500a-e9 rs4 u/1.14.1
- canonical/asus rs500a-e9 rs4 u firmware
- canonical/asus e700 g4
- version/asus e700 g4/1.14.1
- canonical/asus ws c422 pro/se firmware
- version/asus ws c422 pro/se firmware/1.14.1
- canonical/asus ws c422 pro/se
- canonical/asus ws x299 pro/se firmware
- version/asus ws x299 pro/se firmware/1.14.1
- canonical/asus ws x299 pro/se
- canonical/asus z11pa-u12 firmware
- version/asus z11pa-u12 firmware/1.15.1
- canonical/asus z11pa-u12/10g-2s firmware
- version/asus z11pa-u12/10g-2s firmware/1.15.1
- canonical/asus z11pa-u12/10g-2s
- canonical/asus knpa-u16
- version/asus knpa-u16/1.13.4
- canonical/asus knpa-u16 firmware
- canonical/asus esc4000 dhd g4
- version/asus esc4000 dhd g4/1.13.7
- canonical/asus esc4000 g4
- version/asus esc4000 g4/1.15.2
- canonical/asus esc4000 g4 firmware
- canonical/asus rs720q-e9-rs24-s firmware
- version/asus rs720q-e9-rs24-s firmware/1.15.0
- canonical/asus rs720q-e9-rs8
- version/asus rs720q-e9-rs8/1.15.0
- canonical/asus rs720q-e9-rs8 firmware
- canonical/asus rs720q-e9-rs8-s
- version/asus rs720q-e9-rs8-s/1.15.0
- canonical/asus rs720q-e9-rs24-s
- canonical/asus z11pa-d8
- version/asus z11pa-d8/1.14.1
- canonical/asus z11pa-d8 firmware
- canonical/asus z11pa-d8c firmware
- version/asus z11pa-d8c firmware/1.14.1
- canonical/asus rs720-e9-rs24-u
- version/asus rs720-e9-rs24-u/1.14.3
- canonical/asus rs720-e9-rs8-g
- version/asus rs720-e9-rs8-g/1.15.2
- canonical/asus rs720-e9-rs8-g firmware
- version/asus rs500a-e9-ps4/1.15.4
- canonical/asus pro e800 g4
- version/asus pro e800 g4/1.14.2
- canonical/asus rs500-e9-rs4 firmware
- version/asus rs500-e9-rs4 firmware/1.15.4
- canonical/asus rs500-e9-rs4
- version/asus rs500-e9-rs4/1.15.4
- canonical/asus rs520-e9-rs12-e
- version/asus rs520-e9-rs12-e/1.15.3
- canonical/asus rs520-e9-rs12-e firmware
- canonical/asus rs520-e9-rs8
- version/asus rs520-e9-rs8/1.15.3
- canonical/asus rs520-e9-rs8 firmware
- canonical/asus esc8000 g4/10g firmware
- version/asus esc8000 g4/10g firmware/1.15.4
- canonical/asus esc8000 g4/10g
- version/asus rs520-e9-rs12-e firmware/1.15.2
- canonical/asus rs720-e9-rs12-e firmware
- canonical/asus ws c621e sage
- version/asus ws c621e sage/1.15.1
- canonical/asus ws c621e sage firmware
- canonical/asus rs500a-e10-ps4
- version/asus rs500a-e10-ps4/1.15.2
- canonical/asus rs500a-e10-ps4 firmware
- canonical/asus rs500a-e10-rs4
- version/asus rs500a-e10-rs4/1.15.2
- canonical/asus rs700a-e9-rs12v2
- version/asus rs700a-e9-rs12v2/1.15.1
- canonical/asus rs720a-e9-rs12v2
- version/asus rs700a-e9-rs4v2/1.15.1
- canonical/asus rs700a-e9-rs4v2 firmware
- version/asus rs720a-e9-rs12v2/1.15.2
- canonical/asus rs720a-e9-rs24v2
- version/asus rs720a-e9-rs24v2/1.15.1
- canonical/asus rs720a-e9-rs24v2 firmware
- canonical/asus z11pr-d16
- version/asus z11pr-d16/1.15.3
- canonical/asus z11pr-d16 firmware