What is the severity of CVE-2023-35861?

CVE-2023-35861 is considered a critical vulnerability as it allows remote attackers to execute arbitrary commands as root on affected Supermicro motherboards.

What systems are affected by CVE-2023-35861?

CVE-2023-35861 affects Supermicro motherboards, specifically H12DST-B versions before 03.10.35.

How can I fix CVE-2023-35861?

To fix CVE-2023-35861, users are advised to update their Supermicro firmware to version 03.10.35 or later.

What type of vulnerability is CVE-2023-35861?

CVE-2023-35861 is a shell-injection vulnerability that can be exploited through email notifications.

Can CVE-2023-35861 be exploited remotely?

Yes, CVE-2023-35861 can be exploited remotely, allowing attackers to gain unauthorized root access.

Vulnerability/
CVE-2023-35861

critical

9.8

CWE

31/7/2023

22/10/2024

CVE-2023-35861: OS Command Injection

First published: Mon Jul 31 2023(Updated: )

A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03.10.35) allows remote attackers to inject execute arbitrary commands as root on the BMC.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Supermicro H12DST-B Firmware	<03.10.35
Supermicro H12DST-B Firmware
Supermicro X13DAI-T Firmware
Supermicro X13DAI-T Firmware
Supermicro X13DDW-A Firmware
Supermicro X13DDW-A
Supermicro x13deg-oa firmware
Supermicro X13DEG-OAD
Supermicro X13DEG-OAD
Supermicro X13DEG-OAD
Supermicro x13deg-pvc
Supermicro X13DEG-PVC
Supermicro X13DEG-QT Firmware
Supermicro x13deg-qt firmware
Supermicro X13DEI
Supermicro X13DEI Firmware
Supermicro X13DEI
Supermicro X13DEI-T Firmware
Supermicro X13DEM
Supermicro X13DEM Firmware
Supermicro x13det-b firmware
Supermicro x13det-b firmware
Supermicro X13DG-U Firmware
Supermicro X13 Series
Supermicro x13dsf-a firmware
Supermicro X13DSF-A
Supermicro X13QEH+ Firmware
Supermicro x13qeh+
Supermicro x13sae firmware
Supermicro x13sae firmware
Supermicro X13SAE-F Firmware
Supermicro x13sae-f firmware
Supermicro x13san-c firmware
Supermicro x13san-c firmware
Supermicro x13SAN-C-WOHS Firmware
Supermicro x13san-c-wohs firmware
Supermicro X13SAN-E-WOHS
Supermicro x13san-e-wohs firmware
Supermicro X13SAN-E-WOHS
Supermicro X13SAN-E Firmware
Supermicro X13SAN-H Firmware
Supermicro X13SAN-H
Supermicro x13san-h firmware
Supermicro x13san-h-wohs firmware
Supermicro x13san-l firmware
Supermicro x13san-l firmware
Supermicro x13san-l-wohs
Supermicro X13SAN-L-WOHS
Supermicro X13SAQ Firmware
Supermicro x13saq firmware
Supermicro x13sav-lvds firmware
Supermicro x13sav-lvds firmware
Supermicro x13sav-ps firmware
Supermicro x13sav-ps firmware
Supermicro x13saz-f
Supermicro X13SAZ-F
Supermicro X13SAZ-Q
Supermicro X13SAZ-Q Firmware
Supermicro X13SEDW-F
Supermicro X13SEDW-F
Supermicro X13SEED-F Firmware
Supermicro X13 Seed-F
Supermicro X13 Seed-SF Firmware
Supermicro X13 Series
Supermicro X13SEFR-A Firmware
Supermicro x13sefr-a firmware
Supermicro X13SEI-F Firmware
Supermicro X13SEI-F
Supermicro x13sei-tf firmware
Supermicro x13sei-tf firmware
Supermicro X13SEM-F Firmware
Supermicro X13SEM-F
Supermicro x13sem-tf firmware
Supermicro X13SEM-TF
Supermicro X13SET-G Firmware
Supermicro x13set-g firmware
Supermicro x13set-gc firmware
Supermicro x13set-gc firmware
Supermicro x13sew-f
Supermicro X13SEW-F
Supermicro X13SEW-TF
Supermicro x13sew-tf firmware
Supermicro X13SRA-TF Firmware
Supermicro x13sra-tf firmware
Supermicro X13SRN-E Firmware
Supermicro x13srn-e firmware
Supermicro x13srn-e-wohs
Supermicro X13SRN-E-WOHS
Supermicro x13srn-h-wohs
Supermicro X13SRN-H
Supermicro X13SRN-H-WOHS Firmware
Supermicro X13SRN-H
Supermicro X13Swa-TF Firmware
Supermicro X13Swa-TF Firmware
Supermicro H13DSG-O-CPU Firmware
Supermicro h13dsg-o-cpu firmware
Supermicro H13DSG-O-CPU-D
Supermicro H13DSG-O-CPU-D Firmware
Supermicro H13DSH
Supermicro H13DSH Firmware
Supermicro H13SAE-MF Firmware
Supermicro H13SAE-MF Firmware
Supermicro H13SRD-F
Supermicro H13SRD-F
Supermicro H13SSF
Supermicro H13SSF Firmware
Supermicro H13SSH Firmware
Supermicro H13SSH Firmware
Supermicro H13SSL-NT Firmware
Supermicro H13SSL-N
Supermicro H13SSL-NT Firmware
Supermicro h13ssl-nt firmware
Supermicro H13ST-G
Supermicro H13SST-GC
Supermicro H13SST-GC Firmware
Supermicro H13SST-GC Firmware
Supermicro H13SSW
Supermicro H13SSW Firmware
Supermicro X12DAI-N6 Firmware
Supermicro x12dai-n6 firmware
Supermicro X12DDW-A6 Firmware
Supermicro X12DDW-A6
Supermicro x12dgo-6 firmware
Supermicro x12dgo-6 firmware
Supermicro x12dgq-r firmware
Supermicro X12DGQ-R
Supermicro X12DG-U Firmware
Supermicro X12DG-U
Supermicro x12dhm-6 firmware
Supermicro x12dhm-6 firmware
Supermicro x12dpd-a6m25 firmware
Supermicro x12dpd-a6m25 firmware
Supermicro X12DPFR-AN6 Firmware
Supermicro x12dpfr-an6 firmware
Supermicro X12DPG-AR
Supermicro X12DPG-AR
Supermicro X12DPG-OA6 Firmware
Supermicro x12dpg-oa6 firmware
Supermicro X12DPG-OA6-GD2 Firmware
Supermicro X12DPG-OA6-GD2
Supermicro X12DPG-QBT6 Firmware
Supermicro x12dpg-qbt6 firmware
Supermicro X12DPG-QR
Supermicro X12DPG-QR
Supermicro X12DPG-QT6 Firmware
Supermicro X12DPG-QT6
Supermicro X12DPG-U6 Firmware
Supermicro x12dpg-u6 firmware
Supermicro X12DPI-N6
Supermicro X12DPI-N6
Supermicro X12DPI-NT6
Supermicro X12DPI-N6
Supermicro x12dpl-i6
Supermicro x12dpl-i6 firmware
Supermicro x12dpl-nt6 firmware
Supermicro x12dpl-nt6 firmware
Supermicro x12dpt-b6
Supermicro X12DP-T B6 Firmware
Supermicro x12dpt-pt46
Supermicro X12DP1-PT
Supermicro x12DPT-PT6 Firmware
Supermicro x12dpt-pt6 firmware
Supermicro X12DPU-6 Firmware
Supermicro x12dpu-6 firmware
Supermicro x12dsc-6 firmware
Supermicro x12dsc-6 firmware
Supermicro x12qch+ firmware
Supermicro x12qch+
Supermicro x12sae firmware
Supermicro X12SAE-5
Supermicro x12sae firmware
Supermicro X12SAE
Supermicro x12sca-5f
Supermicro X12SC-A-5
Supermicro x12sca-f firmware
Supermicro X12SC-A-F
Supermicro X12 Series Firmware
Supermicro X12SCQ Firmware
Supermicro X12SCV-LVDS Firmware
Supermicro X12SCV-LVDS
Supermicro X12SCV-W Firmware
Supermicro x12scv-w firmware
Supermicro x12scz-f firmware
Supermicro X12SCZ-F
Supermicro x12scz-qf firmware
Supermicro x12scz-qf firmware
Supermicro X12SCZ-TLN4F Firmware
Supermicro X12SCZ-TLN4F
Supermicro X12SDV-10C-SP6F
Supermicro X12SDV-10C-SP6F
Supermicro x12sdv-10c-spt4f
Supermicro X12SDV-10C-SPT4F
Supermicro x12sdv firmware
Supermicro x12sdv-14c-spt8f firmware
Supermicro x12sdv firmware
Supermicro x12sdv-16c-spt8f firmware
Supermicro x12sdv-20c-spt8f
Supermicro x12sdv-20c-spt8f firmware
Supermicro x12sdv-4c-sp6f firmware
Supermicro x12sdv-4c-sp6f firmware
Supermicro X12SDV Firmware
Supermicro x12sdv-4c-spt4f firmware
Supermicro x12sdv-4c-spt8f
Supermicro x12sdv-4c-spt8f firmware
Supermicro X12SDV-8C-SP6F Firmware
Supermicro X12SDV-8C-SP6F Firmware
Supermicro x12sdv-8c-spt4f
Supermicro x12sdv-8c-spt4f firmware
Supermicro x12sdv-8c-spt8f firmware
Supermicro x12sdv-8c-spt8f firmware
Supermicro x12sdv firmware
Supermicro x12sdv-8ce-sp4f firmware
Supermicro X12SPA-TF
Supermicro X12SPA-TF
Supermicro x12sped-f firmware
Supermicro X12SPED-F
Supermicro X12SPG-NF
Supermicro x12spg-nf firmware
Supermicro x12spi-tf firmware
Supermicro x12spi-tf firmware
Supermicro x12spl-f firmware
Supermicro x12spl-f firmware
Supermicro x12spl-ln4f firmware
Supermicro x12spl-ln4f firmware
Supermicro x12spm-ln4f
Supermicro X12SPM-LN4F
Supermicro X12SPM-LN6TF Firmware
Supermicro x12spm-ln6tf firmware
Supermicro X12SPM-TF Firmware
Supermicro X12SPM-TF Firmware
Supermicro X12SP0-F Firmware
Supermicro X12SP-O-F
Supermicro X12SP0-NTF Firmware
Supermicro x12spo-ntf firmware
Supermicro X12SPT-G
Supermicro X12SPT-G
Supermicro X12SPT-GC Firmware
Supermicro X12SPT-GC
Supermicro X12SPT-PT Firmware
Supermicro X12SPT-PT Firmware
Supermicro X12SPW-TF Firmware
Supermicro X12SPW-TF Firmware
Supermicro X12SPW-TF Firmware
Supermicro X12SPW-TF Firmware
Supermicro X12SPZ-LN4F Firmware
Supermicro x12spz-ln4f firmware
Supermicro X12 Series Firmware
Supermicro X12SPZ-SPLN6F
Supermicro X12STD-F
Supermicro X12STD-F Firmware
Supermicro X12 Series Firmware
Supermicro X12STE-F
Supermicro x12sth-f firmware
Supermicro X12STH-F
Supermicro x12sth-ln4f
Supermicro X12STH-LN4F
Supermicro X12 Series Firmware
Supermicro X12STH-SYS
Supermicro x12stl-if firmware
Supermicro X12STL-F
Supermicro x12stl-if
Supermicro X12STL-IF
Supermicro x12stn-c firmware
Supermicro x12stn-c firmware
Supermicro X12STN-C-WOHS Firmware
Supermicro X12STN-C-WOHS
Supermicro X12STN-E Firmware
Supermicro x12stn-e-wohs firmware
Supermicro X12STN-E-WOHS
Supermicro X12STN-E-WOHS
Supermicro x12stn-h-wohs firmware
Supermicro x12STN- H-WOHS
Supermicro x12stn-h firmware
Supermicro x12STN-H-WOHS
Supermicro X12STN-L Firmware
Supermicro x12stn-l firmware
Supermicro X12STN-L-WOHS Firmware
Supermicro X12STN-L-WOHS Firmware
Supermicro x12stw-f firmware
Supermicro X12STW-F
Supermicro x12stw-tf firmware
Supermicro x12stw-tf firmware
Supermicro H12SSW-NTR
Supermicro H12 Series
Supermicro H12SSW-NTL
Supermicro H12SSW-NTL
Supermicro H12SSW-NT
Supermicro H12SSW-NT Firmware
Supermicro H12SSW-INR
Supermicro H12SSW-INR Firmware
Supermicro H12SSW-INL
Supermicro H12SSW-INL Firmware
Supermicro H12SSW-IN Firmware
Supermicro H12SSW-IN Firmware
Supermicro H12SSW-AN6
Supermicro H12SSW
Supermicro H12 SST-PS
Supermicro H12 SST-PS
Supermicro H12SSL-NT Firmware
Supermicro H12SSL-NT Firmware
Supermicro H12SSL-CT Firmware
Supermicro H12SSL-i Firmware
Supermicro H12SSL-CT
Supermicro H12SSL-CT Firmware
Supermicro H12SSL-C Firmware
Supermicro H12SSL-C Firmware
Supermicro H12SSG-ANP6
Supermicro H12SSG-ANP6 Firmware
Supermicro H12SSG-AN6
Supermicro H12SSG-AN6 Firmware
Supermicro H12SSFR-AN6
Supermicro H12SSFR-AN6 Firmware
Supermicro H12SSFF-AN6
Supermicro H12SSFF-AN6 Firmware
Supermicro H12DSU-INR
Supermicro H12DSU-INR Firmware
Supermicro H12DSU-INR
Supermicro H12DSU-INR
Supermicro H12DST-B Firmware
Supermicro H12DSI-NT6
Supermicro H12DSI-NT6 Firmware
Supermicro H12DSI-N6
Supermicro H12DSI-N6 Firmware
Supermicro H12DSG-Q CPU6
Supermicro H12DSG-Q CPU6
Supermicro H12DSG-O CPU Firmware
Supermicro H12DSG-O CPU Firmware
Supermicro H12DGQ-NT6
Supermicro H12DGQ-NT6 Firmware
Supermicro H12DGO-6
Supermicro H12DGO-6 Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-35861?
CVE-2023-35861 is considered a critical vulnerability as it allows remote attackers to execute arbitrary commands as root on affected Supermicro motherboards.
What systems are affected by CVE-2023-35861?
CVE-2023-35861 affects Supermicro motherboards, specifically H12DST-B versions before 03.10.35.
How can I fix CVE-2023-35861?
To fix CVE-2023-35861, users are advised to update their Supermicro firmware to version 03.10.35 or later.
What type of vulnerability is CVE-2023-35861?
CVE-2023-35861 is a shell-injection vulnerability that can be exploited through email notifications.
Can CVE-2023-35861 be exploited remotely?
Yes, CVE-2023-35861 can be exploited remotely, allowing attackers to gain unauthorized root access.