CVE-2021-28205 : What You Need to Know
Discover the details of CVE-2021-28205, a medium severity vulnerability in ASUS BMC's firmware allowing remote attackers to access system files through path traversal. Learn about impacted versions and mitigation steps.
A vulnerability has been identified in ASUS BMC's firmware that allows remote attackers to access system files through a path traversal exploit. The affected products include BMC firmware for Z10PR-D16, ASMB8-iKVM, and Z10PE-D16 WS. It was published on April 6, 2021.
Understanding CVE-2021-28205
What is CVE-2021-28205?
The vulnerability arises from a specific function in the ASUS BMC's firmware Web management page that doesn't filter a specific parameter. This can be exploited by remote attackers with administrator permissions to access system files using path traversal.
The Impact of CVE-2021-28205
The vulnerability has a CVSS base score of 4.9, indicating a medium severity issue. It has a high impact on confidentiality as attackers can gain unauthorized access to sensitive data.
Technical Details of CVE-2021-28205
Vulnerability Description
The vulnerability lies in the Delete SOL video file function of the ASUS BMC's firmware Web management page, allowing remote attackers to perform path traversal attacks.
Affected Systems and Versions
- BMC firmware for Z10PR-D16 version 1.14.51
- BMC firmware for ASMB8-iKVM version 1.14.51
- BMC firmware for Z10PE-D16 WS version 1.14.2
Exploitation Mechanism
Remote attackers with administrator permissions can exploit path traversal vulnerabilities to access system files.
Mitigation and Prevention
Immediate Steps to Take
Users are advised to update their BMC's firmwares to the following versions:
- Z10PR-D16 1.16.1
- ASMB8-iKVM 1.16.1
- Z10PE-D16 WS 1.16.1
Long-Term Security Practices
Regularly update firmware and implement access controls to prevent unauthorized access.
Patching and Updates
Keep systems up to date with the latest firmware releases to mitigate security risks.