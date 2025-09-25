Binarly finds new Supermicro BMC flaws enabling persistent, unremovable malware installation

Attackers can bypass previous patches and exploit firmware validation logic inconsistencies

Researchers recommend hardware-backed Root of Trust and stricter firmware integrity checks

Supermicro motherboards can be infected with “unremovable” malware, security researchers at Binarly say in a recently published analysis of two newly discovered vulnerabilities.

The vulnerabilities are in Supermicro’s Baseboard Management Controller (BMC) firmware. They effectively revive a previously patched issue and expose critical weaknesses in how the firmware validates update images.

A Baseboard Management Controller (BMC) is a microcontroller built into server motherboards that provides out-of-band system management. It runs independently of the main CPU and its own storage, so admins can maintain servers remotely even when the host is shut down. Earlier in 2025, a vulnerability tracked as CVE-2024-10237 was patched. The bug was a logic flaw in the image authentication design that allowed attackers to reflash the BMC’s SPI flash chip with malicious firmware.

Passing validation checks

Now, researchers at Binarly have found a way to bypass that fix and still flash malicious firmware, gaining persistent control over the BMC. The discovery resulted in two newly listed flaws: CVE-2025-7937 and CVE-2025-6198.

CVE-2025-7937 is a bypass of the original patch: the same underlying weakness can be exploited with a modified technique. CVE-2025-6198 affects other Supermicro products and uses a different exploitation method to reach a similar result, including circumventing the BMC’s Root of Trust (RoT) security feature.

Binarly says these vulnerabilities are particularly dangerous because they allow an attacker who already has administrative access to the BMC to upload a specially crafted firmware image that passes the validation checks despite being malicious.

Once installed, the rogue firmware provides full and persistent control over both the BMC and the host operating system, a level of access that is difficult to detect and remove. Because the BMC runs on its own storage, independently of the host, wiping disks or reinstalling the operating system does not evict it.

Binarly’s investigation found that firmware validation across Supermicro devices typically involves three steps, but inconsistencies and flawed logic in the implementation left room for exploitation.

As a result, the researchers warn against relying exclusively on software-based validation and recommend stronger protections, such as a hardware-backed RoT and stricter integrity checks during firmware updates.
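The general pattern behind the validation weakness described above, and the stricter integrity check the researchers recommend, as an added illustration (this is not Binarly’s analysis, Supermicro’s firmware format or Supermicro’s code; the image layout, the HMAC stand-in for the vendor’s signature and the demo key are all assumptions made for the example): a validator that lets metadata carried inside the image decide which bytes the signature covers can be satisfied by an image whose executed bytes differ from the bytes that were signed. The weak verifier below trusts the image’s own region table; the hardened one makes coverage a fixed verifier policy, hashing every byte before the signature and rejecting anything that trails it.

```python
import hashlib
import hmac
import struct

# Stand-ins chosen for this demo (assumptions, not a real vendor format or key):
# HMAC-SHA256 with a shared key plays the role of the vendor's signature over
# the image digest, and the layout below is invented for illustration.
VENDOR_KEY = b"demo-vendor-signing-key"
HDR = struct.Struct("<4sIII")   # magic, table_off, n_entries, sig_off
ENTRY = struct.Struct("<II")    # region_off, region_len
SIG_LEN = 32


def build_body(regions):
    """Lay out header | region payloads | region table. Signature is appended later."""
    body = bytearray(HDR.size)
    entries = []
    for data in regions:
        entries.append((len(body), len(data)))
        body += data
    table_off = len(body)
    for off, ln in entries:
        body += ENTRY.pack(off, ln)
    HDR.pack_into(body, 0, b"IMG1", table_off, len(entries), len(body))
    return bytes(body)


def read_table(img):
    """Parse the header and the region table exactly as a firmware updater would."""
    magic, table_off, n, sig_off = HDR.unpack_from(img, 0)
    if magic != b"IMG1":
        raise ValueError("bad magic")
    entries = [ENTRY.unpack_from(img, table_off + i * ENTRY.size) for i in range(n)]
    return entries, sig_off


def digest_regions(img, entries):
    h = hashlib.sha256()
    for off, ln in entries:
        h.update(img[off:off + ln])
    return h.digest()


def sign_image(body, scheme, key=VENDOR_KEY):
    """'table': sign only the regions the image's own table lists (weak design).
    'whole': sign every byte that precedes the signature (hardened design)."""
    entries, sig_off = read_table(body)
    if scheme == "table":
        digest = digest_regions(body, entries)
    else:
        digest = digest_regions(body, [(0, sig_off)])
    return body + hmac.new(key, digest, hashlib.sha256).digest()


def verify_weak(img, key=VENDOR_KEY):
    """Trusts the header and table found inside the image to say what is covered."""
    entries, sig_off = read_table(img)
    expected = hmac.new(key, digest_regions(img, entries), hashlib.sha256).digest()
    return hmac.compare_digest(expected, img[sig_off:sig_off + SIG_LEN])


def verify_strict(img, key=VENDOR_KEY):
    """Coverage is verifier policy, not image data: everything before the
    signature is hashed, and nothing may trail the signature."""
    _, sig_off = read_table(img)
    if sig_off + SIG_LEN != len(img):
        return False
    expected = hmac.new(key, digest_regions(img, [(0, sig_off)]), hashlib.sha256).digest()
    return hmac.compare_digest(expected, img[sig_off:sig_off + SIG_LEN])


def forge_image(img, new_payload):
    """Attacker holding a legitimately signed image: overwrite region 0 in place,
    park a pristine copy of the original bytes past the signature, and repoint the
    (unsigned) table entry at that copy so the weak check hashes the old bytes."""
    entries, _ = read_table(img)
    off0, len0 = entries[0]
    if len(new_payload) != len0:
        raise ValueError("payload must match region size")
    forged = bytearray(img)
    forged[off0:off0 + len0] = new_payload
    shadow_off = len(forged)
    forged += img[off0:off0 + len0]
    table_off = HDR.unpack_from(img, 0)[1]
    ENTRY.pack_into(forged, table_off, shadow_off, len0)
    return bytes(forged)


# Constructed sample image: a "boot" region and a "kernel" region.
SAMPLE_REGIONS = [b"BOOT" * 16, b"KERN" * 32]
MALICIOUS_BOOT = b"EVIL" * 16


def demo():
    body = build_body(SAMPLE_REGIONS)
    weak_img = sign_image(body, "table")
    strict_img = sign_image(body, "whole")
    return {
        "weak_accepts_genuine": verify_weak(weak_img),
        "weak_accepts_forged": verify_weak(forge_image(weak_img, MALICIOUS_BOOT)),
        "strict_accepts_genuine": verify_strict(strict_img),
        "strict_accepts_forged": verify_strict(forge_image(strict_img, MALICIOUS_BOOT)),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Running it, the weak check accepts both the genuine image and the forgery, while the strict check accepts only the genuine image. Note that even the strict check is still software executing on the BMC; what a hardware-backed RoT adds is that the code performing the check is itself measured or immutable before it runs, which is the direction the researchers recommend.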

Via BleepingComputer