ASUS BMC's firmware: buffer overflow - Radius configuration function
Description
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the length of strings entered by users, resulting in a buffer overflow vulnerability. After obtaining privileged permission, remote attackers can use this vulnerability to abnormally terminate the Web service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ASUS BMC firmware's Radius configuration function lacks input length validation, enabling a buffer overflow that lets privileged attackers crash the web service.
Vulnerability
The Radius configuration function in ASUS BMC's firmware Web management page does not verify the string length entered by users, resulting in a buffer overflow vulnerability [1]. This function is accessible via the web interface under privileged credentials. Affected firmware versions include Z10PR-D16 1.14.51, ASMB8-iKVM 1.14.51, and Z10PE-D16 WS 1.14.2 [1].
Exploitation
An attacker must first obtain privileged administrative access to the BMC's web management interface. Once authenticated, the attacker can send a specially crafted input to the Radius configuration parameter that exceeds the expected buffer length, triggering a buffer overflow condition [1]. No user interaction beyond initial authentication is required.
Impact
A successful overflow causes the web service to abnormally terminate, resulting in a denial-of-service (DoS) condition affecting the availability of the management interface [1]. The CVSS v3.1 base score is 4.9 (Medium), with vector AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H [1]. No confidentiality or integrity impact is reported.
Mitigation
ASUS has released updated firmware versions that address this vulnerability: Z10PR-D16 1.16.1, ASMB8-iKVM 1.16.1, and Z10PE-D16 WS 1.16.1 [1]. Users should update to these versions or later. No workarounds are documented in the available references.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- ASUS/BMC firmware for ASMB8-iKVM (Range: 1.14.51)
- ASUS/BMC firmware for Z10PE-D16 WS (Range: 1.14.2)
- ASUS/BMC firmware for Z10PR-D16 (Range: 1.14.51)
References
- www.asus.com/content/ASUS-Product-Security-Advisory/
- www.asus.com/tw/support/callus/
- www.twcert.org.tw/tw/cp-132-4543-98220-1.html