Unrated severity · NVD Advisory · Published Apr 6, 2021 · Updated Sep 16, 2024
ASUS BMC's firmware: buffer overflow - Firmware protocol configuration
CVE-2021-28198
Description
The Firmware protocol configuration function in the Web management page of ASUS BMC's firmware does not verify the length of strings entered by users, resulting in a buffer overflow vulnerability. After obtaining privileged permission, remote attackers can use this flaw to abnormally terminate the Web service.
Affected products (45)
- ASUS/BMC firmware for ASMB9-iKVM · v5 · Range: 1.11.12
- ASUS/BMC firmware for E700 G4 · v5 · Range: 1.14.1
- ASUS/BMC firmware for ESC4000 DHD G4 · v5 · Range: 1.13.7
- ASUS/BMC firmware for ESC4000 G4 · v5 · Range: 1.15.2
- ASUS/BMC firmware for ESC4000 G4X · v5 · Range: 1.11.6
- ASUS/BMC firmware for ESC8000 G4 · v5 · Range: 1.15.4
- ASUS/BMC firmware for ESC8000 G4/10G · v5 · Range: 1.15.4
- ASUS/BMC firmware for KNPA-U16 · v5 · Range: 1.13.4
- ASUS/BMC firmware for Pro E800 G4 · v5 · Range: 1.14.2
- ASUS/BMC firmware for RS100-E10-PI2 · v5 · Range: 1.13.6
- ASUS/BMC firmware for RS300-E10-PS4 · v5 · Range: 1.13.6
- ASUS/BMC firmware for RS300-E10-RS4 · v5 · Range: 1.13.6
- ASUS/BMC firmware for RS500A-E10-PS4 · v5 · Range: 1.15.2
- ASUS/BMC firmware for RS500A-E10-RS4 · v5 · Range: 1.15.2
- ASUS/BMC firmware for RS500A-E9-PS4 · v5 · Range: 1.14.1
- ASUS/BMC firmware for RS500A-E9 RS4 · v5 · Range: 1.14.1
- ASUS/BMC firmware for RS500A-E9-RS4 · v5 · Range: 1.14.1
- ASUS/BMC firmware for RS500-E9-PS4 · v5 · Range: 1.15.4
- ASUS/BMC firmware for RS500-E9-RS4 · v5 · Range: 1.15.4
- ASUS/BMC firmware for RS500-E9-RS4-U · v5 · Range: 1.15.4
- ASUS/BMC firmware for RS520-E9-RS12-E · v5 · Range: 1.15.3
- ASUS/BMC firmware for RS520-E9-RS8 · v5 · Range: 1.15.3
- ASUS/BMC firmware for RS700A-E9-RS12V2 · v5 · Range: 1.15.1
- ASUS/BMC firmware for RS700A-E9-RS4 · v5 · Range: 1.10.0
- ASUS/BMC firmware for RS700A-E9-RS4V2 · v5 · Range: 1.15.1
- ASUS/BMC firmware for RS700-E9-RS12 · v5 · Range: 1.11.5
- ASUS/BMC firmware for RS700-E9-RS4 · v5 · Range: 1.09
- ASUS/BMC firmware for RS720A-E9-RS12V2 · v5 · Range: 1.15.2
- ASUS/BMC firmware for RS720A-E9-RS24-E · v5 · Range: 1.10.3
- ASUS/BMC firmware for RS720A-E9-RS24V2 · v5 · Range: 1.15.1
- ASUS/BMC firmware for RS720-E9-RS12-E · v5 · Range: 1.15.2
- ASUS/BMC firmware for RS720-E9-RS24-U · v5 · Range: 1.14.3
- ASUS/BMC firmware for RS720-E9-RS8-G · v5 · Range: 1.15.2
- ASUS/BMC firmware for RS720Q-E9-RS24-S · v5 · Range: 1.15.0
- ASUS/BMC firmware for RS720Q-E9-RS8 · v5 · Range: 1.15.0
- ASUS/BMC firmware for RS720Q-E9-RS8-S · v5 · Range: 1.15.0
- ASUS/BMC firmware for WS C422 PRO/SE · v5 · Range: 1.14.1
- ASUS/BMC firmware for WS C621E SAGE · v5 · Range: 1.15.1
- ASUS/BMC firmware for WS X299 PRO/SE · v5 · Range: 1.14.1
- ASUS/BMC firmware for Z11PA-D8 · v5 · Range: 1.14.1
- ASUS/BMC firmware for Z11PA-D8C · v5 · Range: 1.14.1
- ASUS/BMC firmware for Z11PA-U12 · v5 · Range: 1.15.1
- ASUS/BMC firmware for Z11PA-U12/10G-2S · v5 · Range: 1.15.1
- ASUS/BMC firmware for Z11PR-D16 · v5 · Range: 1.15.3
References (3)
- www.asus.com/content/ASUS-Product-Security-Advisory/ (mitre, x_refsource_MISC)
- www.asus.com/tw/support/callus/ (mitre, x_refsource_MISC)
- www.twcert.org.tw/tw/cp-132-4568-627f7-1.html (mitre, x_refsource_MISC)