Products

Solutions

Company

Book A Live Demo

CVE-2021-28192 : Vulnerability Insights and Analysis

Discover the impact of CVE-2021-28192, a medium-severity ASUS BMC's firmware vulnerability allowing remote attackers to terminate Web service. Learn about affected systems, versions, and mitigation steps.

A Buffer overflow vulnerability in ASUS BMC's firmware Web management page allows remote attackers to terminate the Web service abnormally. This was reported on 6th April 2021.

Understanding CVE-2021-28192

This CVE details a buffer overflow vulnerability in ASUS BMC's firmware, specifically related to the Remote video storage function.

What is CVE-2021-28192?

The vulnerability in ASUS BMC's firmware Web management page allows remote attackers to exploit a buffer overflow due to lack of string length verification, leading to a risk of Web service termination.

The Impact of CVE-2021-28192

With a CVSS base score of 4.9 (Medium severity), the vulnerability poses a high impact on availability. Remote attackers can exploit this issue without user interaction, requiring high privileges.

Technical Details of CVE-2021-28192

This section covers the vulnerability description, affected systems and versions, as well as the exploitation mechanism.

Vulnerability Description

The specific function in ASUS BMC's firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.

Affected Systems and Versions

BMC firmware for ASMB9-iKVM version 1.11.12

BMC firmware for RS720A-E9-RS24-E version 1.10.3

More affected products and versions are listed by ASUS.

Exploitation Mechanism

Remote attackers exploit the buffer overflow vulnerability to gain privileged access and terminate the Web service.

Mitigation and Prevention

To address this vulnerability, users are advised to update BMC's firmwares to the recommended versions provided by ASUS.

Immediate Steps to Take

Immediate actions include updating the affected BMC firmwares to the specified versions to mitigate the risk of exploitation.

Long-Term Security Practices

Regularly monitor security advisories from ASUS and apply firmware updates promptly to safeguard against vulnerabilities.

Patching and Updates

Ensure the prompt installation of firmware updates released by ASUS to address security vulnerabilities and enhance system protection.

CVE-2021-28192 : Vulnerability Insights and Analysis

Understanding CVE-2021-28192

What is CVE-2021-28192?

The Impact of CVE-2021-28192

Technical Details of CVE-2021-28192

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2021-28192 : Vulnerability Insights and Analysis

.css-lczsrn{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2021-28192

.css-ru2q5j{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2021-28192?

The Impact of CVE-2021-28192

Technical Details of CVE-2021-28192

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2021-28192

What is CVE-2021-28192?

Is your System Free of Underlying Vulnerabilities?
Find Out Now