VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 6, 2021· Updated Sep 16, 2024

ASUS BMC's firmware: buffer overflow - Radius configuration function

CVE-2021-28195

Description

The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

ASUS BMC firmware's Radius configuration function has a buffer overflow that allows authenticated remote attackers to crash the web service.

Vulnerability

In ASUS BMC firmware, the Radius configuration function in the web management page does not validate the length of user-supplied strings, leading to a buffer overflow vulnerability. This affects the following products and their respective firmware versions: ASMB9-iKVM 1.11.12, RS720A-E9-RS24-E 1.10.3, RS700A-E9-RS4 1.10.0, RS700-E9-RS4 1.09, ESC4000 G4X 1.11.6, RS700-E9-RS12 1.11.5, RS100-E10-PI2 1.13.6, RS300-E10-PS4 1.13.6, RS300-E10-RS4 1.13.6, RS500A-E9-PS4 1.14.1, RS500A-E9-RS4 1.14.1, RS500A-E9 RS4 U 1.14.1, E700 G4 1.14.1, WS C422 PRO/SE 1.14.1, WS X299 PRO/SE 1.14.1, Z11PA-U12 1.15.1, Z11PA-U12/10G-2S 1.15.1, KNPA-U16 1.13.4, ESC4000 DHD G4 1.13.7, ESC4000 G4 1.15.2, RS720Q-E9-RS24-S 1.15.0, RS720Q-E9-RS8 1.15.0, RS720Q-E9-RS8-S 1.15.0, Z11PA-D8 1.14.1, Z11PA-D8C 1.14.1, RS720-E9-RS24-U 1.14.3, RS720-E9-RS8-G 1.15.2, RS500-E9-PS4 1.15.4, Pro E800 G4 1.14.2, RS500-E9-RS4 1.15.4, RS500-E9-RS4-U 1.15.4, RS520-E9-RS12-E 1.15.3, RS520-E9-RS8 1.15.3, ESC8000 G4 1.15.4, ESC8000 G4/10G 1.15.4, RS720-E9-RS12-E 1.15.2, WS C621E SAGE 1.15.1, RS500A-E10-PS4 1.15.2, RS500A-E10-RS4 1.15.2, RS700A-E9-RS12V2 1.15.1, RS700A-E9-RS4V2 1.15.1, RS720A-E9-RS12V2 1.15.2, RS720A-E9-RS24V2 1.15.1, and Z11PR-D16 1.15.3 [1].

Exploitation

An attacker must first obtain privileged administrative access to the BMC web management interface. With that access, the attacker can send a crafted request to the Radius configuration function with an overly long string, triggering the buffer overflow and causing the web service to terminate abnormally [1].

Impact

Successful exploitation results in a denial-of-service condition where the BMC web service becomes unavailable. The vulnerability has a CVSS score of 4.9 (Medium) with the vector AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H, indicating high availability impact but no confidentiality or integrity loss [1].

Mitigation

ASUS has released updated firmware versions to fix this vulnerability. Users should update to the following versions: ASMB9-iKVM 1.15.3 and other corresponding versions as listed in the advisory [1].

References
  1. ASUS BMC's firmware: buffer overflow - 設定Radius配置

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

45
  • Supermicro/BMC firmwarellm-fuzzy
  • ASUS/BMC firmware for ASMB9-iKVMv5
    Range: 1.11.12
  • ASUS/BMC firmware for E700 G4v5
    Range: 1.14.1
  • ASUS/BMC firmware for ESC4000 DHD G4v5
    Range: 1.13.7
  • ASUS/BMC firmware for ESC4000 G4v5
    Range: 1.15.2
  • ASUS/BMC firmware for ESC4000 G4Xv5
    Range: 1.11.6
  • ASUS/BMC firmware for ESC8000 G4v5
    Range: 1.15.4
  • ASUS/BMC firmware for ESC8000 G4/10Gv5
    Range: 1.15.4
  • ASUS/BMC firmware for KNPA-U16v5
    Range: 1.13.4
  • ASUS/BMC firmware for Pro E800 G4v5
    Range: 1.14.2
  • ASUS/BMC firmware for RS100-E10-PI2v5
    Range: 1.13.6
  • ASUS/BMC firmware for RS300-E10-PS4v5
    Range: 1.13.6
  • ASUS/BMC firmware for RS300-E10-RS4v5
    Range: 1.13.6
  • ASUS/BMC firmware for RS500A-E10-PS4v5
    Range: 1.15.2
  • ASUS/BMC firmware for RS500A-E10-RS4v5
    Range: 1.15.2
  • ASUS/BMC firmware for RS500A-E9-PS4v5
    Range: 1.14.1
  • ASUS/BMC firmware for RS500A-E9 RS4v5
    Range: 1.14.1
  • ASUS/BMC firmware for RS500A-E9-RS4v5
    Range: 1.14.1
  • ASUS/BMC firmware for RS500-E9-PS4v5
    Range: 1.15.4
  • ASUS/BMC firmware for RS500-E9-RS4v5
    Range: 1.15.4
  • ASUS/BMC firmware for RS500-E9-RS4-Uv5
    Range: 1.15.4
  • ASUS/BMC firmware for RS520-E9-RS12-Ev5
    Range: 1.15.3
  • ASUS/BMC firmware for RS520-E9-RS8v5
    Range: 1.15.3
  • ASUS/BMC firmware for RS700A-E9-RS12V2v5
    Range: 1.15.1
  • ASUS/BMC firmware for RS700A-E9-RS4v5
    Range: 1.10.0
  • ASUS/BMC firmware for RS700A-E9-RS4V2v5
    Range: 1.15.1
  • ASUS/BMC firmware for RS700-E9-RS12v5
    Range: 1.11.5
  • ASUS/BMC firmware for RS700-E9-RS4v5
    Range: 1.09
  • ASUS/BMC firmware for RS720A-E9-RS12V2v5
    Range: 1.15.2
  • ASUS/BMC firmware for RS720A-E9-RS24-Ev5
    Range: 1.10.3
  • ASUS/BMC firmware for RS720A-E9-RS24V2v5
    Range: 1.15.1
  • ASUS/BMC firmware for RS720-E9-RS12-Ev5
    Range: 1.15.2
  • ASUS/BMC firmware for RS720-E9-RS24-Uv5
    Range: 1.14.3
  • ASUS/BMC firmware for RS720-E9-RS8-Gv5
    Range: 1.15.2
  • ASUS/BMC firmware for RS720Q-E9-RS24-Sv5
    Range: 1.15.0
  • ASUS/BMC firmware for RS720Q-E9-RS8v5
    Range: 1.15.0
  • ASUS/BMC firmware for RS720Q-E9-RS8-Sv5
    Range: 1.15.0
  • ASUS/BMC firmware for WS C422 PRO/SEv5
    Range: 1.14.1
  • ASUS/BMC firmware for WS C621E SAGEv5
    Range: 1.15.1
  • ASUS/BMC firmware for WS X299 PRO/SEv5
    Range: 1.14.1
  • ASUS/BMC firmware for Z11PA-D8v5
    Range: 1.14.1
  • ASUS/BMC firmware for Z11PA-D8Cv5
    Range: 1.14.1
  • ASUS/BMC firmware for Z11PA-U12v5
    Range: 1.15.1
  • ASUS/BMC firmware for Z11PA-U12/10G-2Sv5
    Range: 1.15.1
  • ASUS/BMC firmware for Z11PR-D16v5
    Range: 1.15.3

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.