CVE-2020-26122

07.12.2020, 16:15

Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. The Baseboard Management Controller (BMC) program of INSPUR server is weak in checking the firmware and lacks the signature verification mechanism, the attacker who obtains the administrator's rights can control the BMC by inserting malicious code into the firmware program and bypassing the current verification mechanism to upgrade the BMC.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.2 HIGH	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 69%

Vendor	Product	Version
inspur	nf8480m5_firmware	𝑥 < 1.19.34
inspur	nf8260m5_firmware	𝑥 < 1.19.34
inspur	ns5162m5_firmware	𝑥 < 4.5.3
inspur	ns5488m5_firmware	𝑥 < 1.19.33
inspur	ns5484m5_firmware	𝑥 < 1.19.33
inspur	ns5482m5_firmware	𝑥 < 1.19.33
inspur	nf5280m5_firmware	𝑥 < 4.26.6
inspur	nf5468m5_firmware	𝑥 < 1.18.51
inspur	nf5488m5-d_firmware	𝑥 < 1.18.51
inspur	nf5180m5_firmware	𝑥 < 4.18.2
inspur	nf5270m5_firmware	𝑥 < 4.9.1
inspur	nf5260m5_firmware	𝑥 < 3.8.0
inspur	nf5266m5_firmware	𝑥 < 3.21.3
inspur	nf5466m5_firmware	𝑥 < 4.28.0
inspur	nf5486m5_firmware	𝑥 < 3.22.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-347 - Improper Verification of Cryptographic Signature
The software does not verify, or incorrectly verifies, the cryptographic signature for data.

References

https://en.inspur.com/en/2487134/index.html

https://en.inspur.com/en/security_bulletins/security_advisory2/2543921/index.html

https://en.inspur.com/en/2487134/index.html

https://en.inspur.com/en/security_bulletins/security_advisory2/2543921/index.html