CVE-2023-34853
https://notcve.org/view.php?id=CVE-2023-34853
Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable. • https://github.com/risuxx/CVE-2023-34853 https://www.supermicro.com/Bios/softfiles/17136/X12DPG-QR_1.4b_X1.02.61_SUM2.10.0.zip. https://www.supermicro.com/en/support/security_BIOS_Aug_2023 • CWE-787: Out-of-bounds Write •
CVE-2022-43309
https://notcve.org/view.php?id=CVE-2022-43309
Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions. • http://supermicro.com http://x11ssl-cf.com https://www.supermicro.com/en/support/security_VRM_Jan_2023 • CWE-732: Incorrect Permission Assignment for Critical Resource •