CVE-2021-28180 : What You Need to Know
Learn about CVE-2021-28180, a Buffer overflow vulnerability in ASUS BMC's firmware Web management page that allows remote attackers to disrupt services. Find mitigation steps here.
A Buffer overflow vulnerability in ASUS BMC's firmware Web management page allows remote attackers to obtain privileged permission and terminate the Web service abnormally.
Understanding CVE-2021-28180
This CVE involves a specific function in ASUS BMC's firmware that leads to a Buffer overflow vulnerability due to insufficient string length verification.
What is CVE-2021-28180?
The Buffer overflow vulnerability in ASUS BMC's firmware is triggered by the Audit log configuration setting, allowing remote attackers to gain privileged permission and disrupt the Web service.
The Impact of CVE-2021-28180
The vulnerability has a CVSS base score of 4.9, with a medium severity rating. It requires high privileges, has low attack complexity, and affects availability by allowing unauthorized access.
Technical Details of CVE-2021-28180
This section covers the vulnerability description, affected systems, and the exploitation mechanism.
Vulnerability Description
The vulnerability arises from the lack of string length verification in the Audit log configuration setting of ASUS BMC's firmware, leading to a Buffer overflow issue.
Affected Systems and Versions
ASUS products such as BMC firmware for Z10PR-D16 (version 1.14.51), ASMB8-iKVM (version 1.14.51), and Z10PE-D16 WS (version 1.14.2) are impacted by this vulnerability.
Exploitation Mechanism
Remote attackers can exploit this vulnerability to gain privileged access and disrupt the Web service, impacting the availability of the affected systems.
Mitigation and Prevention
Here you will find steps to address and prevent the CVE-2021-28180 vulnerability.
Immediate Steps to Take
To mitigate the vulnerability, users should update BMC's firmwares to the recommended versions:
- Z10PR-D16: 1.16.1
- ASMB8-iKVM: 1.16.1
- Z10PE-D16 WS: 1.16.1
Long-Term Security Practices
Implement security best practices, including regular firmware updates, network segmentation, and access control policies to prevent unauthorized access.
Patching and Updates
Regularly monitor ASUS security advisories and apply patches promptly. Stay informed about firmware updates and security alerts to enhance system security.