Experts warn Supermicro motherboards can be infected with “unremovable” new malware – here’s what we know

By Sead Fadilpašić

Copyright techradar

25 September 2025

Last year’s fix wasn’t good enough, Binarly says

Binarly finds new Supermicro BMC flaws enabling persistent, unremovable malware installation
Attackers can bypass previous patches and exploit firmware validation logic inconsistencies
Researchers recommend hardware-backed Root of Trust and stricter firmware integrity checks

Motherboards built by Supermicro can be infected by “unremovable” malware, security experts from Binarly have said, in a recently published detailed analysis of two newly discovered vulnerabilities.

The vulnerabilities, found in Supermicro’s Baseboard Management Controller (BMC) firmware, effectively revive a previously patched issue and expose critical weaknesses in the firmware’s validation process.

A Baseboard Management Controller (BMC) is a microcontroller built into server motherboards that enables out-of-band system management. It runs independently of the main CPU and allows admins to maintain servers remotely, even when they’re shut down.

Earlier in 2025, a vulnerability tracked as CVE-2024-10237 was patched. The bug was a logic flaw in the image authentication design that allowed attackers to reflash the BMC SPI chip with malicious firmware.

Passing validation checks
Now, security researchers at Binarly have found a way to bypass this fix and still flash malicious firmware, gaining persistent control over BMC servers. The discovery resulted in two listed flaws: CVE-2025-7937 and CVE-2025-6198.

CVE-2025-7937 represents a bypass of the original patch, enabling attackers to exploit the same vulnerability through somewhat modified techniques. CVE-2025-6198, on the other hand, affects other Supermicro products and uses a distinct exploitation method to achieve similar results, including the ability to circumvent the Root of Trust (RoT) security feature.
Binarly says these vulnerabilities are particularly dangerous since they allow threat actors with admin access to upload specially crafted firmware images that pass validation checks, despite being malicious.
Once installed, the rogue firmware can provide full and persistent control over both the BMC and the host operating system, granting a level of access that’s difficult to detect and remove.

Binarly’s investigation revealed the firmware validation process across Supermicro devices typically involves three steps, but inconsistencies and flawed logic in implementation left room for exploitation.
As a result, they warn against relying exclusively on software-based validation mechanisms and instead advise stronger protections, such as hardware-backed RoT features and stronger integrity checks during firmware updates.
Via BleepingComputer